WebKit-https.git
4 months ago CSSFontFaceSource fails to compile when !ENABLE(SVG_FONTS)
don.olmstead@sony.com [Wed, 8 May 2019 23:42:50 +0000 (23:42 +0000)]
CSSFontFaceSource fails to compile when !ENABLE(SVG_FONTS)
https://bugs.webkit.org/show_bug.cgi?id=197720

Unreviewed build fix.

Add usesInDocumentSVGFont to the !ENABLE(SVG_FONT) path.

* css/CSSFontFaceSource.cpp:
(WebCore::CSSFontFaceSource::font):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245078 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Unreviewed test rebaselines.
timothy_horton@apple.com [Wed, 8 May 2019 23:40:22 +0000 (23:40 +0000)]
Unreviewed test rebaselines.

* platform/ios/editing/deleting/smart-delete-paragraph-003-expected.txt:
* platform/ios/editing/pasteboard/smart-paste-paragraph-003-expected.txt:
I over-did it with my rebaselines earlier.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245077 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [Legacy WebKit] REGRESSION (r238078): Crash in hardwareKeyboardAvailabilityChangedCal...
dbates@webkit.org [Wed, 8 May 2019 23:37:59 +0000 (23:37 +0000)]
[Legacy WebKit] REGRESSION (r238078): Crash in hardwareKeyboardAvailabilityChangedCallback()
https://bugs.webkit.org/show_bug.cgi?id=197724
<rdar://problem/49725959>

Reviewed by Tim Horton.

Speculative fix for race condition. Between the time we receive a kGSEventHardwareKeyboardAvailabilityChangedNotification
notification and when we schedule execution to run on the WebThread, the WebView that notification
was for may no longer exist. Take out a weak ptr on the WebView when we receive the notification
and check that we still have it once we are running on the WebThread.

* WebView/WebHTMLView.mm:
(hardwareKeyboardAvailabilityChangedCallback):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245076 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Add SPI to set HSTS storage directory
commit-queue@webkit.org [Wed, 8 May 2019 23:11:55 +0000 (23:11 +0000)]
Add SPI to set HSTS storage directory
https://bugs.webkit.org/show_bug.cgi?id=197259
Source/WebCore/PAL:

Patch by Alex Christensen <achristensen@webkit.org> on 2019-05-08
Reviewed by Brady Eidson.

* pal/spi/cf/CFNetworkSPI.h:

Source/WebKit:

<rdar://problem/48797895>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-05-08
Reviewed by Brady Eidson.

It is with great sadness that I lament the design of this SPI, which is necessitated by the process-global nature of the SPI that
I must call and the time at which I must call it (before any networking calls have been made).
I'm also not thrilled about the fact that the unit test infrastructure I developed for this in r244594 cannot be used because
the SPI that I must call does not work on iOS simulator or Mac.  I have verified the SPI is being called, and that when called on iOS,
CFNetwork does the right thing with it.

* NetworkProcess/NetworkProcessCreationParameters.cpp:
(WebKit::NetworkProcessCreationParameters::encode const):
(WebKit::NetworkProcessCreationParameters::decode):
* NetworkProcess/NetworkProcessCreationParameters.h:
* NetworkProcess/cocoa/NetworkProcessCocoa.mm:
(WebKit::NetworkProcess::platformInitializeNetworkProcessCocoa):
* UIProcess/API/APIProcessPoolConfiguration.cpp:
(API::ProcessPoolConfiguration::copy):
* UIProcess/API/APIProcessPoolConfiguration.h:
* UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h:
* UIProcess/API/Cocoa/_WKProcessPoolConfiguration.mm:
(-[_WKProcessPoolConfiguration setHSTSStorageDirectory:]):
(-[_WKProcessPoolConfiguration hstsStorageDirectory]):
* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::ensureNetworkProcess):

Source/WTF:

Patch by Alex Christensen <achristensen@webkit.org> on 2019-05-08
Reviewed by Brady Eidson.

* wtf/Platform.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245075 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [GTK] Unreviewed test gardening
aboya@igalia.com [Wed, 8 May 2019 22:52:26 +0000 (22:52 +0000)]
[GTK] Unreviewed test gardening
https://bugs.webkit.org/show_bug.cgi?id=197717

* platform/gtk/TestExpectations:
* platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt:
* platform/gtk/inspector/css/shadow-scoped-style-expected.txt: Removed.
* platform/gtk/js/dom/dom-static-property-for-in-iteration-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245074 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Pass insertTextAsync options as a struct
dbates@webkit.org [Wed, 8 May 2019 22:48:31 +0000 (22:48 +0000)]
Pass insertTextAsync options as a struct
https://bugs.webkit.org/show_bug.cgi?id=197710

Reviewed by Brent Fulgham.

WebPageProxy::insertTextAsync() is becoming unwieldy to work with given the large number of
optional arguments that can be passed to it. Let's pass a struct instead.

* Shared/Cocoa/InsertTextOptions.cpp: Added.
(IPC::ArgumentCoder<WebKit::InsertTextOptions>::encode):
(IPC::ArgumentCoder<WebKit::InsertTextOptions>::decode):
* Shared/Cocoa/InsertTextOptions.h: Added.
* Shared/EditingRange.h: Add EnumTrait so that we can encode the EditingRangeIsRelativeTo
enumeration.
* SourcesCocoa.txt: Add a new file.
* UIProcess/Cocoa/WebViewImpl.mm:
(WebKit::WebViewImpl::insertText): Update code now that we pass a struct.
(WebKit::WebViewImpl::setMarkedText): Ditto.
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::insertTextAsync): Ditto.
* UIProcess/WebPageProxy.h:
* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView insertText:]): Ditto.
* UIProcess/mac/WebPageProxyMac.mm:
(WebKit::WebPageProxy::insertDictatedTextAsync): Ditto.
* WebKit.xcodeproj/project.pbxproj: Add new files.
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::insertTextAsync): Ditto.
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in: Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245073 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Add plumbing for inactive system colors in RenderTheme cache.
timothy@apple.com [Wed, 8 May 2019 22:24:56 +0000 (22:24 +0000)]
Add plumbing for inactive system colors in RenderTheme cache.
https://bugs.webkit.org/show_bug.cgi?id=197699
rdar://problem/49406936

Reviewed by Tim Horton.

Source/WebCore:

* css/StyleColor.h:
* page/Page.cpp:
(WebCore::Page::effectiveAppearanceDidChange): Renamed from setUseDarkAppearance.
* page/Page.h:
(WebCore::Page::useInactiveAppearance const):
* rendering/RenderTheme.cpp:
(WebCore::RenderTheme::purgeCaches):
(WebCore::RenderTheme::platformColorsDidChange):
(WebCore::RenderTheme::colorCache const):
* rendering/RenderTheme.h:
* testing/InternalSettings.cpp:
(WebCore::InternalSettings::setUseDarkAppearanceInternal):

Source/WebKit:

* Shared/WebPageCreationParameters.cpp:
(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):
* Shared/WebPageCreationParameters.h:
* UIProcess/Cocoa/WebViewImpl.h:
* UIProcess/Cocoa/WebViewImpl.mm:
(WebKit::WebViewImpl::effectiveAppearanceIsInactive):
* UIProcess/PageClient.h:
(WebKit::PageClient::effectiveAppearanceIsInactive const):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::creationParameters):
(WebKit::WebPageProxy::useInactiveAppearance const):
(WebKit::WebPageProxy::effectiveAppearanceDidChange):
* UIProcess/WebPageProxy.h:
* UIProcess/mac/PageClientImplMac.h:
* UIProcess/mac/PageClientImplMac.mm:
(WebKit::PageClientImpl::effectiveAppearanceIsInactive const):
* WebProcess/InjectedBundle/API/c/WKBundlePage.cpp:
(WKBundlePageSetUseDarkAppearance):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::m_shrinkToFitContentTimer):
(WebKit::WebPage::effectiveAppearanceDidChange): Renamed from setUseDarkAppearance.
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:
* WebProcess/WebPage/gtk/WebPageGtk.cpp:
(WebKit::WebPage::effectiveAppearanceDidChange): Renamed from setUseDarkAppearance.

Source/WebKitLegacy/mac:

* WebView/WebView.mm:
(-[WebView _commonInitializationWithFrameName:groupName:]):
(-[WebView _setUseDarkAppearance:]):
(-[WebView _useInactiveAppearance]):
(-[WebView _setUseInactiveAppearance:]):
(-[WebView _setUseDarkAppearance:useInactiveAppearance:]):
(-[WebView _effectiveAppearanceIsInactive]):
(-[WebView viewDidChangeEffectiveAppearance]):
* WebView/WebViewPrivate.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245072 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Invalid DFG JIT generation in high CPU usage state
ysuzuki@apple.com [Wed, 8 May 2019 22:19:26 +0000 (22:19 +0000)]
Invalid DFG JIT generation in high CPU usage state
https://bugs.webkit.org/show_bug.cgi?id=197453

Reviewed by Saam Barati.

JSTests:

* stress/string-ident-use-clears-abstract-value-if-rope-string-constant-is-held.js: Added.
(trigger):
(main):

Source/JavaScriptCore:

We have a DFG graph like this.

    a: JSConstant(rope JSString)
    b: CheckStringIdent(Check:StringUse:@a)
    ... AI thinks this is unreachable ...

When executing StringUse edge filter onto @a, AbstractValue::filterValueByType clears AbstractValue and makes it None.
This is because @a constant produces SpecString (SpecStringVar | SpecStringIdent) while StringUse edge filter requires
SpecStringIdent. AbstractValue::filterValueByType has an assumption that the JS constant always produces the same
SpeculatedType. So it clears AbstractValue completely.
But this assumption is wrong. JSString can produce SpecStringIdent later if the string is resolved to AtomicStringImpl.
AI thinks that we always fail. But once the string is resolved to AtomicStringImpl, we pass this check. So we execute
the breakpoint emitted by DFG since DFG thinks this is unreachable.

In this patch, we just clear the `m_value` if AbstractValue type filter fails with the held constant, since the constant
may produce a narrower type which can meet the type filter later.

* dfg/DFGAbstractValue.cpp:
(JSC::DFG::AbstractValue::filterValueByType):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245071 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Change my status to be a WebKit reviewer.
jbedard@apple.com [Wed, 8 May 2019 22:05:56 +0000 (22:05 +0000)]
Change my status to be a WebKit reviewer.

* Scripts/webkitpy/common/config/contributors.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245070 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Regression: Crash at WebKit: PAL::HysteresisActivity::start
cdumez@apple.com [Wed, 8 May 2019 21:18:48 +0000 (21:18 +0000)]
Regression: Crash at WebKit: PAL::HysteresisActivity::start
https://bugs.webkit.org/show_bug.cgi?id=197666
<rdar://problem/50037153>

Reviewed by Geoffrey Garen.

We've recently made it so that the WebContent process destroys its WebSQLiteDatabaseTracker when preparing
for process suspension and then re-constructs it when resuming. The issue is that the WebSQLiteDatabaseTracker
internal implementation was calling callOnMainThread() and capturing |this| to start/stop its HysteresisActivity.
As a result, |this| could be dead by the time we're on the main thread and we'd crash.

To address the issue, we no longer destroy the WebSQLiteDatabaseTracker when preparing to suspend. Instead, we
set a 'isSuspended' flag on the WebSQLiteDatabaseTracker so that it stops notifying the WebProcess of changes.

Also clean up the class a bit so that:
1. The constructor takes in a WTF::Function instead of a NetworkProcess / WebProcess reference. This provides
   better layering. The WebSQLiteDatabaseTracker should not need to know anything about those objects.
2. Use RunLoop::main().dispatch() instead of callOnMainThread() since we're in WebKit2 code.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::NetworkProcess):
* Shared/WebSQLiteDatabaseTracker.cpp:
(WebKit::WebSQLiteDatabaseTracker::WebSQLiteDatabaseTracker):
(WebKit::WebSQLiteDatabaseTracker::~WebSQLiteDatabaseTracker):
(WebKit::WebSQLiteDatabaseTracker::willBeginFirstTransaction):
(WebKit::WebSQLiteDatabaseTracker::didFinishLastTransaction):
(WebKit::WebSQLiteDatabaseTracker::hysteresisUpdated): Deleted.
* Shared/WebSQLiteDatabaseTracker.h:
* WebProcess/WebProcess.cpp:
(WebKit::m_nonVisibleProcessCleanupTimer):
(WebKit::WebProcess::initializeSQLiteDatabaseTracker):
(WebKit::WebProcess::cancelPrepareToSuspend):
(WebKit::WebProcess::processDidResume):
(WebKit::m_webSQLiteDatabaseTracker): Deleted.
* WebProcess/WebProcess.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245069 268f45cc-cd09-0410-ab3c-d52691b4dbfc
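
The two lifetime fixes in this log (the weak pointer taken in hardwareKeyboardAvailabilityChangedCallback() and the isSuspended flag on WebSQLiteDatabaseTracker) both guard a deferred task whose target may be gone by the time it runs. The sketch below is an added example, not WebKit code: std::weak_ptr stands in for WTF's weak pointer, and TaskQueue, View, Tracker and the scenario functions are hypothetical names.

```cpp
#include <cstdio>
#include <functional>
#include <memory>
#include <queue>
#include <utility>
#include <vector>

// Stand-in for the WebThread / main run loop: tasks run later, after the
// code that scheduled them has returned.
class TaskQueue {
public:
    void dispatch(std::function<void()> task) { m_tasks.push(std::move(task)); }
    void drain()
    {
        while (!m_tasks.empty()) {
            auto task = std::move(m_tasks.front());
            m_tasks.pop();
            task();
        }
    }
private:
    std::queue<std::function<void()>> m_tasks;
};

// Hypothetical view that reacts to a keyboard-availability notification.
struct View {
    int keyboardChanges = 0;
    void keyboardAvailabilityChanged() { ++keyboardChanges; }
};

// Pattern 1: take a weak reference when the notification arrives and check it
// again when the deferred task runs. `skipped` counts tasks whose view died.
void onKeyboardNotification(TaskQueue& queue, const std::shared_ptr<View>& view, int& skipped)
{
    std::weak_ptr<View> weakView = view;
    queue.dispatch([weakView, &skipped] {
        auto strongView = weakView.lock();
        if (!strongView) {
            ++skipped; // Target destroyed between notification and execution.
            return;
        }
        strongView->keyboardAvailabilityChanged();
    });
}

// Pattern 2: keep the object alive across suspension and gate its callbacks
// with a flag. The constructor takes a callback rather than a process reference.
class Tracker {
public:
    Tracker(TaskQueue& queue, std::function<void(bool)> activityChanged)
        : m_queue(queue), m_activityChanged(std::move(activityChanged)) { }
    void setIsSuspended(bool isSuspended) { m_isSuspended = isSuspended; }
    void willBeginFirstTransaction() { schedule(true); }
    void didFinishLastTransaction() { schedule(false); }
private:
    void schedule(bool active)
    {
        // Capturing `this` is sound only because the owner no longer destroys
        // the tracker while tasks may still be queued.
        m_queue.dispatch([this, active] {
            if (m_isSuspended)
                return;
            m_activityChanged(active);
        });
    }
    TaskQueue& m_queue;
    std::function<void(bool)> m_activityChanged;
    bool m_isSuspended = false;
};

struct ViewResult { int delivered; int skipped; };

ViewResult runViewScenario(bool destroyBeforeDrain)
{
    TaskQueue queue;
    int skipped = 0;
    auto view = std::make_shared<View>();
    onKeyboardNotification(queue, view, skipped);
    if (destroyBeforeDrain)
        view.reset(); // The view goes away before the queued task runs.
    queue.drain();
    return { view ? view->keyboardChanges : 0, skipped };
}

std::vector<bool> runTrackerScenario()
{
    TaskQueue queue;
    std::vector<bool> seen;
    Tracker tracker(queue, [&seen](bool active) { seen.push_back(active); });
    tracker.willBeginFirstTransaction();
    queue.drain();                      // Delivered.
    tracker.setIsSuspended(true);
    tracker.didFinishLastTransaction();
    queue.drain();                      // Suppressed while suspended.
    tracker.setIsSuspended(false);
    tracker.willBeginFirstTransaction();
    queue.drain();                      // Delivered again after resume.
    return seen;
}

int main()
{
    ViewResult gone = runViewScenario(true);
    std::printf("view destroyed: delivered=%d skipped=%d\n", gone.delivered, gone.skipped);
    std::printf("tracker notifications: %zu\n", runTrackerScenario().size());
    return 0;
}
```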

4 months ago All prototypes should call didBecomePrototype()
rmorisset@apple.com [Wed, 8 May 2019 21:14:39 +0000 (21:14 +0000)]
All prototypes should call didBecomePrototype()
https://bugs.webkit.org/show_bug.cgi?id=196315

Reviewed by Saam Barati.

This changelog already landed, but the commit was missing the actual changes.

JSTests:

* stress/function-prototype-indexed-accessor.js: Added.

Source/JavaScriptCore:

Otherwise we won't remember to run haveABadTime() when someone adds to them an indexed accessor.

I added a check used in both Structure::finishCreation() and Structure::changePrototypeTransition to make sure we don't
create structures with invalid prototypes.
It found a lot of objects that are used as prototypes in JSGlobalObject and yet were missing didBecomePrototype() in their finishCreation().
Somewhat surprisingly, some of them have names like FunctionConstructor and not only FooPrototype.

* runtime/BigIntPrototype.cpp:
(JSC::BigIntPrototype::finishCreation):
* runtime/BooleanPrototype.cpp:
(JSC::BooleanPrototype::finishCreation):
* runtime/DatePrototype.cpp:
(JSC::DatePrototype::finishCreation):
* runtime/ErrorConstructor.cpp:
(JSC::ErrorConstructor::finishCreation):
* runtime/ErrorPrototype.cpp:
(JSC::ErrorPrototype::finishCreation):
* runtime/FunctionConstructor.cpp:
(JSC::FunctionConstructor::finishCreation):
* runtime/FunctionPrototype.cpp:
(JSC::FunctionPrototype::finishCreation):
* runtime/IntlCollatorPrototype.cpp:
(JSC::IntlCollatorPrototype::finishCreation):
* runtime/IntlDateTimeFormatPrototype.cpp:
(JSC::IntlDateTimeFormatPrototype::finishCreation):
* runtime/IntlNumberFormatPrototype.cpp:
(JSC::IntlNumberFormatPrototype::finishCreation):
* runtime/IntlPluralRulesPrototype.cpp:
(JSC::IntlPluralRulesPrototype::finishCreation):
* runtime/JSArrayBufferPrototype.cpp:
(JSC::JSArrayBufferPrototype::finishCreation):
* runtime/JSDataViewPrototype.cpp:
(JSC::JSDataViewPrototype::finishCreation):
* runtime/JSGenericTypedArrayViewPrototypeInlines.h:
(JSC::JSGenericTypedArrayViewPrototype<ViewClass>::finishCreation):
* runtime/JSGlobalObject.cpp:
(JSC::createConsoleProperty):
* runtime/JSPromisePrototype.cpp:
(JSC::JSPromisePrototype::finishCreation):
* runtime/JSTypedArrayViewConstructor.cpp:
(JSC::JSTypedArrayViewConstructor::finishCreation):
* runtime/JSTypedArrayViewPrototype.cpp:
(JSC::JSTypedArrayViewPrototype::finishCreation):
* runtime/NumberPrototype.cpp:
(JSC::NumberPrototype::finishCreation):
* runtime/RegExpPrototype.cpp:
(JSC::RegExpPrototype::finishCreation):
* runtime/StringPrototype.cpp:
(JSC::StringPrototype::finishCreation):
* runtime/Structure.cpp:
(JSC::Structure::isValidPrototype):
(JSC::Structure::changePrototypeTransition):
* runtime/Structure.h:
* runtime/SymbolPrototype.cpp:
(JSC::SymbolPrototype::finishCreation):
* wasm/js/WebAssemblyCompileErrorPrototype.cpp:
(JSC::WebAssemblyCompileErrorPrototype::finishCreation):
* wasm/js/WebAssemblyInstancePrototype.cpp:
(JSC::WebAssemblyInstancePrototype::finishCreation):
* wasm/js/WebAssemblyLinkErrorPrototype.cpp:
(JSC::WebAssemblyLinkErrorPrototype::finishCreation):
* wasm/js/WebAssemblyMemoryPrototype.cpp:
(JSC::WebAssemblyMemoryPrototype::finishCreation):
* wasm/js/WebAssemblyModulePrototype.cpp:
(JSC::WebAssemblyModulePrototype::finishCreation):
* wasm/js/WebAssemblyPrototype.cpp:
(JSC::WebAssemblyPrototype::finishCreation):
* wasm/js/WebAssemblyRuntimeErrorPrototype.cpp:
(JSC::WebAssemblyRuntimeErrorPrototype::finishCreation):
* wasm/js/WebAssemblyTablePrototype.cpp:
(JSC::WebAssemblyTablePrototype::finishCreation):

Source/WebCore:

It was found by existing tests, with the new assert in JSC::Structure

* bindings/js/JSWindowProxy.cpp:
(WebCore::JSWindowProxy::setWindow):
* bindings/scripts/CodeGeneratorJS.pm:
(GeneratePrototypeDeclaration):
(GenerateConstructorHelperMethods):
* bindings/scripts/test/JS/JSInterfaceName.cpp:
(WebCore::JSInterfaceNamePrototype::JSInterfaceNamePrototype):
* bindings/scripts/test/JS/JSMapLike.cpp:
(WebCore::JSMapLikePrototype::JSMapLikePrototype):
* bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
(WebCore::JSReadOnlyMapLikePrototype::JSReadOnlyMapLikePrototype):
* bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
(WebCore::JSTestActiveDOMObjectPrototype::JSTestActiveDOMObjectPrototype):
* bindings/scripts/test/JS/JSTestCEReactions.cpp:
(WebCore::JSTestCEReactionsPrototype::JSTestCEReactionsPrototype):
* bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
(WebCore::JSTestCEReactionsStringifierPrototype::JSTestCEReactionsStringifierPrototype):
* bindings/scripts/test/JS/JSTestCallTracer.cpp:
(WebCore::JSTestCallTracerPrototype::JSTestCallTracerPrototype):
* bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
(WebCore::JSTestClassWithJSBuiltinConstructorPrototype::JSTestClassWithJSBuiltinConstructorPrototype):
* bindings/scripts/test/JS/JSTestDOMJIT.cpp:
(WebCore::JSTestDOMJITPrototype::JSTestDOMJITPrototype):
(WebCore::JSTestDOMJITConstructor::prototypeForStructure):
* bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
(WebCore::JSTestEnabledBySettingPrototype::JSTestEnabledBySettingPrototype):
* bindings/scripts/test/JS/JSTestEventConstructor.cpp:
(WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype):
(WebCore::JSTestEventConstructorConstructor::prototypeForStructure):
* bindings/scripts/test/JS/JSTestEventTarget.cpp:
(WebCore::JSTestEventTargetPrototype::JSTestEventTargetPrototype):
(WebCore::JSTestEventTargetConstructor::prototypeForStructure):
* bindings/scripts/test/JS/JSTestException.cpp:
(WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype):
* bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
(WebCore::JSTestGenerateIsReachablePrototype::JSTestGenerateIsReachablePrototype):
* bindings/scripts/test/JS/JSTestGlobalObject.h:
(WebCore::JSTestGlobalObjectPrototype::JSTestGlobalObjectPrototype):
* bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
(WebCore::JSTestIndexedSetterNoIdentifierPrototype::JSTestIndexedSetterNoIdentifierPrototype):
* bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
(WebCore::JSTestIndexedSetterThrowingExceptionPrototype::JSTestIndexedSetterThrowingExceptionPrototype):
* bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
(WebCore::JSTestIndexedSetterWithIdentifierPrototype::JSTestIndexedSetterWithIdentifierPrototype):
* bindings/scripts/test/JS/JSTestInterface.cpp:
(WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype):
* bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
(WebCore::JSTestInterfaceLeadingUnderscorePrototype::JSTestInterfaceLeadingUnderscorePrototype):
* bindings/scripts/test/JS/JSTestIterable.cpp:
(WebCore::JSTestIterablePrototype::JSTestIterablePrototype):
* bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
(WebCore::JSTestJSBuiltinConstructorPrototype::JSTestJSBuiltinConstructorPrototype):
* bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
(WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype):
* bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
(WebCore::JSTestNamedAndIndexedSetterNoIdentifierPrototype::JSTestNamedAndIndexedSetterNoIdentifierPrototype):
* bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
(WebCore::JSTestNamedAndIndexedSetterThrowingExceptionPrototype::JSTestNamedAndIndexedSetterThrowingExceptionPrototype):
* bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
(WebCore::JSTestNamedAndIndexedSetterWithIdentifierPrototype::JSTestNamedAndIndexedSetterWithIdentifierPrototype):
* bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
(WebCore::JSTestNamedConstructorPrototype::JSTestNamedConstructorPrototype):
* bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
(WebCore::JSTestNamedDeleterNoIdentifierPrototype::JSTestNamedDeleterNoIdentifierPrototype):
* bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
(WebCore::JSTestNamedDeleterThrowingExceptionPrototype::JSTestNamedDeleterThrowingExceptionPrototype):
* bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
(WebCore::JSTestNamedDeleterWithIdentifierPrototype::JSTestNamedDeleterWithIdentifierPrototype):
* bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
(WebCore::JSTestNamedDeleterWithIndexedGetterPrototype::JSTestNamedDeleterWithIndexedGetterPrototype):
* bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
(WebCore::JSTestNamedGetterCallWithPrototype::JSTestNamedGetterCallWithPrototype):
* bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
(WebCore::JSTestNamedGetterNoIdentifierPrototype::JSTestNamedGetterNoIdentifierPrototype):
* bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
(WebCore::JSTestNamedGetterWithIdentifierPrototype::JSTestNamedGetterWithIdentifierPrototype):
* bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
(WebCore::JSTestNamedSetterNoIdentifierPrototype::JSTestNamedSetterNoIdentifierPrototype):
* bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
(WebCore::JSTestNamedSetterThrowingExceptionPrototype::JSTestNamedSetterThrowingExceptionPrototype):
* bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
(WebCore::JSTestNamedSetterWithIdentifierPrototype::JSTestNamedSetterWithIdentifierPrototype):
* bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
(WebCore::JSTestNamedSetterWithIndexedGetterPrototype::JSTestNamedSetterWithIndexedGetterPrototype):
* bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
(WebCore::JSTestNamedSetterWithIndexedGetterAndSetterPrototype::JSTestNamedSetterWithIndexedGetterAndSetterPrototype):
* bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
(WebCore::JSTestNamedSetterWithOverrideBuiltinsPrototype::JSTestNamedSetterWithOverrideBuiltinsPrototype):
* bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
(WebCore::JSTestNamedSetterWithUnforgablePropertiesPrototype::JSTestNamedSetterWithUnforgablePropertiesPrototype):
* bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
(WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype):
* bindings/scripts/test/JS/JSTestNode.cpp:
(WebCore::JSTestNodePrototype::JSTestNodePrototype):
(WebCore::JSTestNodeConstructor::prototypeForStructure):
* bindings/scripts/test/JS/JSTestObj.cpp:
(WebCore::JSTestObjPrototype::JSTestObjPrototype):
* bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
(WebCore::JSTestOverloadedConstructorsPrototype::JSTestOverloadedConstructorsPrototype):
* bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
(WebCore::JSTestOverloadedConstructorsWithSequencePrototype::JSTestOverloadedConstructorsWithSequencePrototype):
* bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
(WebCore::JSTestOverrideBuiltinsPrototype::JSTestOverrideBuiltinsPrototype):
* bindings/scripts/test/JS/JSTestPluginInterface.cpp:
(WebCore::JSTestPluginInterfacePrototype::JSTestPluginInterfacePrototype):
* bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
(WebCore::JSTestPromiseRejectionEventPrototype::JSTestPromiseRejectionEventPrototype):
(WebCore::JSTestPromiseRejectionEventConstructor::prototypeForStructure):
* bindings/scripts/test/JS/JSTestSerialization.cpp:
(WebCore::JSTestSerializationPrototype::JSTestSerializationPrototype):
* bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp:
(WebCore::JSTestSerializationIndirectInheritancePrototype::JSTestSerializationIndirectInheritancePrototype):
(WebCore::JSTestSerializationIndirectInheritanceConstructor::prototypeForStructure):
* bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
(WebCore::JSTestSerializationInheritPrototype::JSTestSerializationInheritPrototype):
(WebCore::JSTestSerializationInheritConstructor::prototypeForStructure):
* bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
(WebCore::JSTestSerializationInheritFinalPrototype::JSTestSerializationInheritFinalPrototype):
(WebCore::JSTestSerializationInheritFinalConstructor::prototypeForStructure):
* bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
(WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype):
* bindings/scripts/test/JS/JSTestStringifier.cpp:
(WebCore::JSTestStringifierPrototype::JSTestStringifierPrototype):
* bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
(WebCore::JSTestStringifierAnonymousOperationPrototype::JSTestStringifierAnonymousOperationPrototype):
* bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
(WebCore::JSTestStringifierNamedOperationPrototype::JSTestStringifierNamedOperationPrototype):
* bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
(WebCore::JSTestStringifierOperationImplementedAsPrototype::JSTestStringifierOperationImplementedAsPrototype):
* bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
(WebCore::JSTestStringifierOperationNamedToStringPrototype::JSTestStringifierOperationNamedToStringPrototype):
* bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
(WebCore::JSTestStringifierReadOnlyAttributePrototype::JSTestStringifierReadOnlyAttributePrototype):
* bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
(WebCore::JSTestStringifierReadWriteAttributePrototype::JSTestStringifierReadWriteAttributePrototype):
* bindings/scripts/test/JS/JSTestTypedefs.cpp:
(WebCore::JSTestTypedefsPrototype::JSTestTypedefsPrototype):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245068 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago iOS: Selection is dismissed even if click is preventDefault()'d
timothy_horton@apple.com [Wed, 8 May 2019 20:50:22 +0000 (20:50 +0000)]
iOS: Selection is dismissed even if click is preventDefault()'d
https://bugs.webkit.org/show_bug.cgi?id=197686
<rdar://problem/49398824>

Reviewed by Wenson Hsieh.

Source/WebKit:

We currently unconditionally dismiss the selection on any tap; however
if a site preventDefault()s on click, we shouldn't perform the default
action of dismissing the selection.

Instead of clearing the selection in the UI process, clear it in the
Web content process if we don't dispatch a synthetic click; the normal
WebCore machinery will handle it in the case that we do.

* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView _singleTapRecognized:]):
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::WebPage::commitPotentialTapFailed):
(WebKit::WebPage::selectWithGesture):
(WebKit::WebPage::clearSelection):
(WebKit::WebPage::selectTextWithGranularityAtPoint):

LayoutTests:

* editing/selection/ios/clear-selection-after-tapping-on-element-with-no-click-handler-expected.txt: Added.
* editing/selection/ios/clear-selection-after-tapping-on-element-with-no-click-handler.html: Added.
* editing/selection/ios/persist-selection-after-tapping-on-element-with-click-handler-expected.txt: Added.
* editing/selection/ios/persist-selection-after-tapping-on-element-with-click-handler.html: Added.
New tests.

* platform/ios/editing/deleting/smart-delete-paragraph-003-expected.txt:
* platform/ios/editing/pasteboard/smart-paste-paragraph-003-expected.txt:
Rebaseline since we changed the timing of editing callbacks by changing where the selection happens.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245067 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago WEBCORE_EXPORT shouldn't be on the class and its methods
don.olmstead@sony.com [Wed, 8 May 2019 20:32:24 +0000 (20:32 +0000)]
WEBCORE_EXPORT shouldn't be on the class and its methods
https://bugs.webkit.org/show_bug.cgi?id=197681

Reviewed by Simon Fraser.

Remove WEBCORE_EXPORT from the methods.

* page/scrolling/ScrollingTreeFrameScrollingNode.h:
* page/scrolling/ScrollingTreeScrollingNode.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245066 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [GTK] Support navigation gesture on touchscreens
commit-queue@webkit.org [Wed, 8 May 2019 20:28:22 +0000 (20:28 +0000)]
[GTK] Support navigation gesture on touchscreens
https://bugs.webkit.org/show_bug.cgi?id=197690

Patch by Alexander Mikhaylenko <exalm7659@gmail.com> on 2019-05-08
Reviewed by Michael Catanzaro.

Touch events generate scroll events that are handled in webkitWebViewBaseHandleWheelEvent(),
bypassing webkitWebViewBaseScrollEvent(). Because of that, ViewGestureController never receives
them. Hence pass scroll events to ViewGestureController in webkitWebViewBaseHandleWheelEvent()
instead.

For touch events, gesture progress calculation has to take window width into account to make
the page perfectly follow finger, and deltas are additionally divided by Scrollbar::pixelsPerLineStep(),
so compensate for that.

For touchpad events, change delta multiplier to 10 to match GTK behavior, and introduce a 400px
base width so the swipe speed doesn't change from the previous behavior.

Because of the multiplier change, threshold for triggering the gesture with touchpad is now 4
times larger.

* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseHandleWheelEvent): Move ViewGestureController bits here.
(webkitWebViewBaseScrollEvent): Removed ViewGestureController bits.
* UIProcess/gtk/ViewGestureControllerGtk.cpp:
(WebKit::ViewGestureController::PendingSwipeTracker::scrollEventCanInfluenceSwipe):
Allow events from touchscreen devices.
(WebKit::isTouchEvent): Added.
(WebKit::ViewGestureController::PendingSwipeTracker::scrollEventGetScrollingDeltas):
Change delta multipliers.
(WebKit::ViewGestureController::SwipeProgressTracker::handleEvent):
Change delta multipliers, account for view width for touchscreen events.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245065 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Remove Gigacage from arm64 and use PAC for arm64e instead
keith_miller@apple.com [Wed, 8 May 2019 20:07:53 +0000 (20:07 +0000)]
Remove Gigacage from arm64 and use PAC for arm64e instead
https://bugs.webkit.org/show_bug.cgi?id=197110

Reviewed by Saam Barati.

Source/bmalloc:

Stop using gigacage on arm64 and add a new cage function cagedMayBeNull that is the same as
cage but returns a nullptr if the incoming pointer is already null.

* bmalloc/Gigacage.h:
(Gigacage::cagedMayBeNull):

Source/JavaScriptCore:

This patch makes a bunch of changes. I'll start with global changes then go over changes to each tier and finish with bug fixes.

Global Changes:
Change CagedBarrierPtr to work with PAC so constructors and accessors now expect to receive a length.
Update assembler helper methods to use PAC when caging.

LLInt:
Add arm64e.rb backend as we missed that when originally open sourcing our arm64e code.
Add a new optional t6 temporary, which is only used currently on arm64e for GetByVal on a TypedArray.
Refactor caging into two helper macros for Primitive/JSValue cages.

Baseline/DFG:
Add authentication where needed for GetByVal and inline object construction.

FTL:
Add a new ValueRep that allows for a late register use. We want this for the authentication patchpoint since we use the length register at the same time as we are defining the authenticated pointer.

Wasm:
Use the TaggedArrayStoragePtr class for the memory base pointer. In theory we should be caging those pointers but I don't want to risk introducing a performance regression with the rest of this change. I've filed https://bugs.webkit.org/show_bug.cgi?id=197620 to do this later.
As we no longer have the Gigacage using most of our VA memory, we can enable fast memories on iOS.
Using fast memories leads to roughly a 2% JetStream2 speedup.

* assembler/MacroAssemblerARM64E.h:
(JSC::MacroAssemblerARM64E::tagArrayPtr):
(JSC::MacroAssemblerARM64E::untagArrayPtr):
(JSC::MacroAssemblerARM64E::removeArrayPtrTag):
* b3/B3LowerToAir.cpp:
* b3/B3PatchpointSpecial.cpp:
(JSC::B3::PatchpointSpecial::admitsStack):
* b3/B3StackmapSpecial.cpp:
(JSC::B3::StackmapSpecial::forEachArgImpl):
(JSC::B3::StackmapSpecial::isArgValidForRep):
* b3/B3Validate.cpp:
* b3/B3ValueRep.cpp:
(JSC::B3::ValueRep::addUsedRegistersTo const):
(JSC::B3::ValueRep::dump const):
(WTF::printInternal):
* b3/B3ValueRep.h:
(JSC::B3::ValueRep::ValueRep):
(JSC::B3::ValueRep::isReg const):
* dfg/DFGOperations.cpp:
(JSC::DFG::newTypedArrayWithSize):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::jumpForTypedArrayIsNeuteredIfOutOfBounds):
(JSC::DFG::SpeculativeJIT::cageTypedArrayStorage):
(JSC::DFG::SpeculativeJIT::compileGetIndexedPropertyStorage):
(JSC::DFG::SpeculativeJIT::compileGetTypedArrayByteOffset):
(JSC::DFG::SpeculativeJIT::compileNewTypedArrayWithSize):
* dfg/DFGSpeculativeJIT.h:
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileGetIndexedPropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayByteOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray):
(JSC::FTL::DFG::LowerDFGToB3::compileDataViewGet):
(JSC::FTL::DFG::LowerDFGToB3::compileDataViewSet):
(JSC::FTL::DFG::LowerDFGToB3::untagArrayPtr):
(JSC::FTL::DFG::LowerDFGToB3::caged):
(JSC::FTL::DFG::LowerDFGToB3::speculateTypedArrayIsNotNeutered):
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::cageConditionally):
* jit/IntrinsicEmitter.cpp:
(JSC::IntrinsicGetterAccessCase::emitIntrinsicGetter):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitDirectArgumentsGetByVal):
(JSC::JIT::emitIntTypedArrayGetByVal):
(JSC::JIT::emitFloatTypedArrayGetByVal):
(JSC::JIT::emitIntTypedArrayPutByVal):
(JSC::JIT::emitFloatTypedArrayPutByVal):
* jit/PolymorphicCallStubRoutine.cpp:
(JSC::PolymorphicCallNode::clearCallLinkInfo):
* llint/LowLevelInterpreter64.asm:
* offlineasm/arm64.rb:
* offlineasm/arm64e.rb: Added.
* offlineasm/ast.rb:
* offlineasm/instructions.rb:
* offlineasm/registers.rb:
* offlineasm/x86.rb:
* runtime/ArrayBuffer.cpp:
(JSC::SharedArrayBufferContents::SharedArrayBufferContents):
(JSC::SharedArrayBufferContents::~SharedArrayBufferContents):
(JSC::ArrayBufferContents::ArrayBufferContents):
(JSC::ArrayBufferContents::destroy):
(JSC::ArrayBufferContents::tryAllocate):
(JSC::ArrayBufferContents::makeShared):
(JSC::ArrayBufferContents::copyTo):
* runtime/ArrayBuffer.h:
(JSC::SharedArrayBufferContents::data const):
(JSC::ArrayBufferContents::data const):
(JSC::ArrayBuffer::data):
(JSC::ArrayBuffer::data const):
(JSC::ArrayBuffer::byteLength const):
* runtime/ArrayBufferView.cpp:
(JSC::ArrayBufferView::ArrayBufferView):
* runtime/ArrayBufferView.h:
(JSC::ArrayBufferView::baseAddress const):
(JSC::ArrayBufferView::byteLength const):
(JSC::ArrayBufferView::setRangeImpl):
(JSC::ArrayBufferView::getRangeImpl):
* runtime/CachedTypes.cpp:
(JSC::CachedScopedArgumentsTable::encode):
(JSC::CachedScopedArgumentsTable::decode const):
* runtime/CagedBarrierPtr.h:
(JSC::CagedBarrierPtr::CagedBarrierPtr):
(JSC::CagedBarrierPtr::set):
(JSC::CagedBarrierPtr::get const):
(JSC::CagedBarrierPtr::getMayBeNull const):
(JSC::CagedBarrierPtr::getUnsafe const):
(JSC::CagedBarrierPtr::at const):
(JSC::CagedBarrierPtr::operator== const):
(JSC::CagedBarrierPtr::operator bool const):
(JSC::CagedBarrierPtr::setWithoutBarrier):
(JSC::CagedBarrierPtr::operator* const): Deleted.
(JSC::CagedBarrierPtr::operator-> const): Deleted.
(JSC::CagedBarrierPtr::operator[] const): Deleted.
(): Deleted.
* runtime/DataView.cpp:
(JSC::DataView::DataView):
* runtime/DataView.h:
(JSC::DataView::get):
(JSC::DataView::set):
* runtime/DirectArguments.cpp:
(JSC::DirectArguments::visitChildren):
(JSC::DirectArguments::overrideThings):
(JSC::DirectArguments::unmapArgument):
* runtime/DirectArguments.h:
* runtime/GenericArguments.h:
* runtime/GenericArgumentsInlines.h:
(JSC::GenericArguments<Type>::visitChildren):
(JSC::GenericArguments<Type>::initModifiedArgumentsDescriptor):
(JSC::GenericArguments<Type>::setModifiedArgumentDescriptor):
(JSC::GenericArguments<Type>::isModifiedArgumentDescriptor):
* runtime/GenericTypedArrayView.h:
* runtime/GenericTypedArrayViewInlines.h:
(JSC::GenericTypedArrayView<Adaptor>::GenericTypedArrayView):
* runtime/JSArrayBufferView.cpp:
(JSC::JSArrayBufferView::ConstructionContext::ConstructionContext):
(JSC::JSArrayBufferView::JSArrayBufferView):
(JSC::JSArrayBufferView::finalize):
(JSC::JSArrayBufferView::slowDownAndWasteMemory):
* runtime/JSArrayBufferView.h:
(JSC::JSArrayBufferView::ConstructionContext::vector const):
(JSC::JSArrayBufferView::isNeutered):
(JSC::JSArrayBufferView::hasVector const):
(JSC::JSArrayBufferView::vector const):
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::createUninitialized):
(JSC::JSGenericTypedArrayView<Adaptor>::estimatedSize):
(JSC::JSGenericTypedArrayView<Adaptor>::visitChildren):
* runtime/Options.h:
* runtime/ScopedArgumentsTable.cpp:
(JSC::ScopedArgumentsTable::clone):
(JSC::ScopedArgumentsTable::setLength):
* runtime/ScopedArgumentsTable.h:
* runtime/SymbolTable.h:
* wasm/WasmAirIRGenerator.cpp:
(JSC::Wasm::AirIRGenerator::restoreWebAssemblyGlobalState):
(JSC::Wasm::AirIRGenerator::addCallIndirect):
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::restoreWebAssemblyGlobalState):
(JSC::Wasm::B3IRGenerator::addCallIndirect):
* wasm/WasmBBQPlan.cpp:
(JSC::Wasm::BBQPlan::complete):
* wasm/WasmBinding.cpp:
(JSC::Wasm::wasmToWasm):
* wasm/WasmInstance.h:
(JSC::Wasm::Instance::cachedMemory const):
(JSC::Wasm::Instance::updateCachedMemory):
* wasm/WasmMemory.cpp:
(JSC::Wasm::Memory::Memory):
(JSC::Wasm::Memory::~Memory):
(JSC::Wasm::Memory::grow):
(JSC::Wasm::Memory::dump const):
* wasm/WasmMemory.h:
(JSC::Wasm::Memory::memory const):
* wasm/js/JSToWasm.cpp:
(JSC::Wasm::createJSToWasmWrapper):
* wasm/js/WebAssemblyFunction.cpp:
(JSC::WebAssemblyFunction::jsCallEntrypointSlow):

Source/WTF:

This patch changes the Gigacage to use PAC on arm64e. As part of
this process all platforms must provide their length when
materializing the caged pointer. Since it would be somewhat
confusing to have two parameters for an operator [] those methods
have been removed. Lastly, this patch removes the specializations
for void* caged pointers, instead opting to use enable_if on the
methods that would normally fail on void* e.g. anything that
returns a T&.

* WTF.xcodeproj/project.pbxproj:
* wtf/CMakeLists.txt:
* wtf/CagedPtr.h:
(WTF::CagedPtr::CagedPtr):
(WTF::CagedPtr::get const):
(WTF::CagedPtr::getMayBeNull const):
(WTF::CagedPtr::getUnsafe const):
(WTF::CagedPtr::at const):
(WTF::CagedPtr::reauthenticate):
(WTF::CagedPtr::operator=):
(WTF::CagedPtr::operator== const):
(WTF::CagedPtr::operator bool const):
(WTF::CagedPtr::operator* const): Deleted.
(WTF::CagedPtr::operator-> const): Deleted.
(WTF::CagedPtr::operator[] const): Deleted.
(): Deleted.
* wtf/CagedUniquePtr.h:
(WTF::CagedUniquePtr::CagedUniquePtr):
(WTF::CagedUniquePtr::create):
(WTF::CagedUniquePtr::~CagedUniquePtr):
(WTF::CagedUniquePtr::destroy):
(): Deleted.
* wtf/Gigacage.h:
(Gigacage::cagedMayBeNull):
* wtf/PtrTag.h:
(WTF::tagArrayPtr):
(WTF::untagArrayPtr):
(WTF::removeArrayPtrTag):
(WTF::retagArrayPtr):
* wtf/TaggedArrayStoragePtr.h: Copied from Source/JavaScriptCore/runtime/ArrayBufferView.cpp.
(WTF::TaggedArrayStoragePtr::TaggedArrayStoragePtr):
(WTF::TaggedArrayStoragePtr::get const):
(WTF::TaggedArrayStoragePtr::getUnsafe const):
(WTF::TaggedArrayStoragePtr::resize):
(WTF::TaggedArrayStoragePtr::operator bool const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245064 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [BigInt] Add ValueMod into DFG
ticaiolima@gmail.com [Wed, 8 May 2019 19:38:17 +0000 (19:38 +0000)]
[BigInt] Add ValueMod into DFG
https://bugs.webkit.org/show_bug.cgi?id=186174

Reviewed by Saam Barati.

JSTests:

* microbenchmarks/mod-untyped.js: Added.
* stress/big-int-mod-osr.js: Added.
* stress/value-div-ai-rule.js: Added.
* stress/value-mod-ai-rule.js: Added.

PerformanceTests:

* BigIntBench/big-int-simple-mod.js: Added.

Source/JavaScriptCore:

This patch is introducing a new DFG node called ValueMod, that is
responsible to handle BigInt and Untyped specialization of op_mod.
With the introduction of BigInt, we think that cases with
ValueMod(Untyped, Untyped) can be more common and we introduced
support for such kind of node.

* dfg/DFGAbstractInterpreter.h:
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::handleConstantDivOp):

We are abstracting the constant rules of division operations. It
includes ArithDiv, ValueDiv, ArithMod and ValueMod, since they perform
the same analysis.

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGBackwardsPropagationPhase.cpp:
(JSC::DFG::BackwardsPropagationPhase::propagate):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::makeSafe):
(JSC::DFG::ByteCodeParser::parseBlock):

Here we check if lhs and rhs have number result to emit ArithMod.
Otherwise, we need to fallback to ValueMod and let fixup replace this
operation when possible.

* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):

ValueMod(BigIntUse) doesn't clobberize world because it only calls
`operationModBigInt`.

* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):

ValueMod(BigIntUse) can trigger GC since it allocates intermediate
JSBigInt to perform calculation. ValueMod(UntypedUse) can trigger GC
because it can execute arbitrary code from user.

* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupArithDivInt32):

Function created to simplify readability of ArithDiv/ArithMod fixup
operation.

(JSC::DFG::FixupPhase::fixupArithDiv):
(JSC::DFG::FixupPhase::fixupNode):

Following the same fixup rules of ArithDiv.

* dfg/DFGNodeType.h:
* dfg/DFGOperations.cpp:
(JSC::DFG::binaryOp):
* dfg/DFGOperations.h:
* dfg/DFGPredictionPropagationPhase.cpp:

ValueMod follows the same prediction propagation rules of ArithMod and
the same rules for `doDoubleVoting`.

* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileValueMod):
* dfg/DFGSpeculativeJIT.h:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGValidate.cpp:
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileValueMod):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245063 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [iOS] Add a quirk to synthesize mouse events when modifying the selection
wenson_hsieh@apple.com [Wed, 8 May 2019 19:36:33 +0000 (19:36 +0000)]
[iOS] Add a quirk to synthesize mouse events when modifying the selection
https://bugs.webkit.org/show_bug.cgi?id=197683
<rdar://problem/48003980>

Reviewed by Tim Horton.

Source/WebCore:

See WebKit ChangeLog for more details.

Test: editing/selection/ios/dispatch-mouse-events-when-modifying-selection-quirk.html

* page/EventHandler.cpp:
(WebCore::EventHandler::handleMousePressEvent):
(WebCore::EventHandler::supportsSelectionUpdatesOnMouseDrag const):

Add some platform hooks to prevent mousemove events from updating the selection on iOS.

(WebCore::EventHandler::shouldAllowMouseDownToStartDrag const):

Add some platform hooks to prevent drag and drop from kicking in when sending synthetic mousemove events to the
page on iOS (drag and drop is instead triggered by EventHandler::tryToBeginDragAtPoint).

(WebCore::EventHandler::updateSelectionForMouseDrag):
* page/EventHandler.h:
* page/Quirks.cpp:
(WebCore::Quirks::shouldDispatchSyntheticMouseEventsWhenModifyingSelection const):
* page/Quirks.h:

Add the new site-specific quirk.

* page/Settings.yaml:
* page/ios/EventHandlerIOS.mm:
(WebCore::EventHandler::tryToBeginDragAtPoint):
(WebCore::EventHandler::supportsSelectionUpdatesOnMouseDrag const):
(WebCore::EventHandler::shouldAllowMouseDownToStartDrag const):
* testing/InternalSettings.cpp:
(WebCore::InternalSettings::Backup::Backup):
(WebCore::InternalSettings::Backup::restoreTo):
(WebCore::InternalSettings::setShouldDispatchSyntheticMouseEventsWhenModifyingSelection):
* testing/InternalSettings.h:
* testing/InternalSettings.idl:

Add an internal settings hook to opt into this quirk, for use in layout tests.

Source/WebKit:

Introduces support for dispatching synthetic mouse events when modifying the selection on some websites. See
below for more details.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::selectAll):
* UIProcess/WebPageProxy.h:

Instead of executing a "SelectAll" editing command using the generic WebPage::executeEditCommand method,
introduce a separate method for selectAll that executes the "SelectAll" edit command and then does some
platform-specific work. See platformDidSelectAll.

* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView selectAllForWebView:]):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::selectAll):
(WebKit::WebPage::shouldDispatchSyntheticMouseEventsWhenModifyingSelection const):

Add a helper method to determine whether the quirk should be enabled.

(WebKit::WebPage::platformDidSelectAll):
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:
* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::elementRectInRootViewCoordinates):

Move this function closer to the top of the file so that it can be used in
dispatchSyntheticMouseEventsForSelectionGesture.

(WebKit::WebPage::clearSelection):
(WebKit::WebPage::dispatchSyntheticMouseEventsForSelectionGesture):

Add a helper method to dispatch a synthetic mouse event for a given selection gesture type. Used in several
places in WebPageIOS to synthesize and dispatch mouse events during selection.

(WebKit::WebPage::updateSelectionWithTouches):

When changing the selection with selection handles, fake mousedown when the user first touches down on the
selection handle; mousemove as the user is moving the handle around; and finally, mouseup when the user lets go.

(WebKit::WebPage::extendSelection):
(WebKit::WebPage::platformDidSelectAll):

When tapping "Select All" and/or "Select" in the callout menu, fake a mousedown at the selection start, then a
mousemove at selection end, and finally, a mouseup at selection end.

(WebKit::WebPage::getFocusedElementInformation):

LayoutTests:

Adds a new layout test to enable the site-specific quirk and verify that mouse events are dispatched when
changing selection, both via the callout menu and by moving the selection grabber using gestures.

* editing/selection/ios/dispatch-mouse-events-when-modifying-selection-quirk-expected.txt: Added.
* editing/selection/ios/dispatch-mouse-events-when-modifying-selection-quirk.html: Added.
* resources/ui-helper.js:
(window.UIHelper.waitForMenuToHide.return.new.Promise):
(window.UIHelper.waitForMenuToHide):

Introduce a new helper method to wait for the menu to hide (on iOS, this refers to the callout menu).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245062 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago WTF::TimingScope should show the total duration and not just the mean
rmorisset@apple.com [Wed, 8 May 2019 18:18:42 +0000 (18:18 +0000)]
WTF::TimingScope should show the total duration and not just the mean
https://bugs.webkit.org/show_bug.cgi?id=197672

Reviewed by Alex Christensen.

* wtf/TimingScope.cpp:
(WTF::TimingScope::scopeDidEnd):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245061 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Unreviewed, rolling out r244952.
ryanhaddad@apple.com [Wed, 8 May 2019 17:44:47 +0000 (17:44 +0000)]
Unreviewed, rolling out r244952.

Caused inspector to appear blank.

Reverted changeset:

"Web Inspector: Provide UIString descriptions to improve
localizations"
https://bugs.webkit.org/show_bug.cgi?id=195132
https://trac.webkit.org/changeset/244952

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245060 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Unreviewed test gardening for Mojave.
ryanhaddad@apple.com [Wed, 8 May 2019 17:25:25 +0000 (17:25 +0000)]
Unreviewed test gardening for Mojave.

* platform/mac-wk2/TestExpectations: Skip two webgl tests that time out very frequently.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245059 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Implement backing-sharing in compositing layers, allowing overlap layers to paint...
simon.fraser@apple.com [Wed, 8 May 2019 17:21:52 +0000 (17:21 +0000)]
Implement backing-sharing in compositing layers, allowing overlap layers to paint into the backing store of another layer
https://bugs.webkit.org/show_bug.cgi?id=197561
<rdar://problem/50445998>

Reviewed by Antti Koivisto.

Source/WebCore:

This change introduces the concept of layers that share backing store for compositing. A layer
which is sharing its backing store first paints itself, and then some set of layers which come
later in paint order in the same stacking context. This reduces the composited layer count in
some overflow scrolling scenarios, thereby also simplifying the scrolling tree.

A backing-shared layer stores a vector of "sharing" RenderLayer* in its RenderLayerBacking. At
paint time, the owning layer is painted, then the sharing layers, setting the owning layer as the
painting root so that positioning and clipping just work.

Sharing layer relationships are constructed in RenderLayerCompositor::computeCompositingRequirements().
We track the last layer which was composited in paint order as a shared candidate. If a later layer
would composite for overlap (and no other reasons), then we allow it to share with the candidate
if the candidate is in its ancestor containing block chain. Sharing is currently limited to layers
in the same stacking context.

isComposited() returns false for sharing layers, but they are like composited layers in that
they behave as painting boundaries, so RenderLayer::paintLayer() needs to stop at them,
and repaints in shared layers have to be directed to their shared layer, hence
changes to RenderLayer::clippingRootForPainting() and RenderLayer::enclosingCompositingLayerForRepaint().

The clipping boundary logic in RenderLayer::backgroundClipRect() needed to be generalized so that
all calls to RenderLayer::parentClipRects() check for crossing painting boundaries and use
TemporaryClipRects in that case.

Tests: compositing/shared-backing/overflow-scroll/absolute-in-stacking-relative-in-scroller.html
       compositing/shared-backing/overflow-scroll/composited-absolute-in-absolute-in-relative-in-scroller.html
       compositing/shared-backing/overflow-scroll/nested-absolute-with-clipping-in-stacking-overflow.html
       compositing/shared-backing/overflow-scroll/previous-sibling-prevents-inclusiveness.html
       compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-clipping.html
       compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-relative-clipping.html
       compositing/shared-backing/overflow-scroll/relative-in-div-in-overflow-scroll.html
       compositing/shared-backing/overflow-scroll/scrolled-contents-has-painted-content.html
       compositing/shared-backing/overflow-scroll/scrolled-contents-unconstrained-clip.html
       compositing/shared-backing/overflow-scroll/shared-layer-clipping.html
       compositing/shared-backing/overflow-scroll/shared-layer-composited-bounds.html
       compositing/shared-backing/overflow-scroll/shared-layer-nested-relative-stacking.html
       compositing/shared-backing/overflow-scroll/shared-layer-repaint.html
       compositing/shared-backing/partial-compositing-update.html
       compositing/shared-backing/partial-compositing-update2.html
       compositing/shared-backing/remove-sharing-layer.html
       compositing/shared-backing/sharing-cached-clip-rects.html

* rendering/RenderLayer.cpp:
(WebCore::RenderLayer::~RenderLayer):
(WebCore::RenderLayer::ancestorLayerIsInContainingBlockChain const):
(WebCore::RenderLayer::setBackingProviderLayer):
(WebCore::RenderLayer::disconnectFromBackingProviderLayer):
(WebCore::RenderLayer::enclosingCompositingLayerForRepaint const):
(WebCore::RenderLayer::clippingRootForPainting const):
(WebCore::RenderLayer::clipToRect):
(WebCore::RenderLayer::paintLayer):
(WebCore::RenderLayer::updateClipRects):
(WebCore::RenderLayer::clipCrossesPaintingBoundary const):
(WebCore::RenderLayer::calculateClipRects const):
(WebCore::outputPaintOrderTreeLegend):
(WebCore::outputPaintOrderTreeRecursive):
(WebCore::inContainingBlockChain): Deleted.
* rendering/RenderLayer.h:
* rendering/RenderLayerBacking.cpp:
(WebCore::RenderLayerBacking::willBeDestroyed):
(WebCore::clearBackingSharingLayerProviders):
(WebCore::RenderLayerBacking::setBackingSharingLayers):
(WebCore::RenderLayerBacking::removeBackingSharingLayer):
(WebCore::RenderLayerBacking::clearBackingSharingLayers):
(WebCore::RenderLayerBacking::updateCompositedBounds):
(WebCore::RenderLayerBacking::updateDrawsContent):
(WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer const):
(WebCore::RenderLayerBacking::paintIntoLayer):
(WebCore::RenderLayerBacking::paintContents):
* rendering/RenderLayerBacking.h:
* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::CompositingState::stateForPaintOrderChildren const):
(WebCore::RenderLayerCompositor::CompositingState::propagateStateFromChildren):
(WebCore::RenderLayerCompositor::CompositingState::propagateStateFromChildrenForUnchangedSubtree):
(WebCore::RenderLayerCompositor::BackingSharingState::resetBackingProviderCandidate):
(WebCore::RenderLayerCompositor::updateCompositingLayers):
(WebCore::backingProviderLayerCanIncludeLayer):
(WebCore::RenderLayerCompositor::computeCompositingRequirements):
(WebCore::RenderLayerCompositor::traverseUnchangedSubtree):
(WebCore::RenderLayerCompositor::updateBacking):
(WebCore::RenderLayerCompositor::layerWillBeRemoved):
(WebCore::RenderLayerCompositor::requiresCompositingForIndirectReason const):
* rendering/RenderLayerCompositor.h:
* rendering/RenderTreeAsText.cpp:

LayoutTests:

New tests for backing sharing, and new baselines of tests whose behavior is changed.

Scrolling tree tests that would be invalidated by sharing are changed to defeat sharing by adding
compositing layers early in stacking order.

* TestExpectations:
* compositing/geometry/limit-layer-bounds-clipping-ancestor-expected.txt:
* compositing/layer-creation/overflow-scroll-overlap-expected.txt:
* compositing/layer-creation/overflow-scroll-overlap.html:
* compositing/overflow/scrolling-content-clip-to-viewport.html:
* compositing/rtl/rtl-scrolling-with-transformed-descendants-expected.txt:
* compositing/shared-backing/overflow-scroll/absolute-in-stacking-relative-in-scroller-expected.txt: Copied from LayoutTests/platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt.
* compositing/shared-backing/overflow-scroll/absolute-in-stacking-relative-in-scroller.html: Added.
* compositing/shared-backing/overflow-scroll/composited-absolute-in-absolute-in-relative-in-scroller-expected.txt: Added.
* compositing/shared-backing/overflow-scroll/composited-absolute-in-absolute-in-relative-in-scroller.html: Added.
* compositing/shared-backing/overflow-scroll/nested-absolute-with-clipping-in-stacking-overflow-expected.txt: Added.
* compositing/shared-backing/overflow-scroll/nested-absolute-with-clipping-in-stacking-overflow.html: Copied from LayoutTests/scrollingcoordinator/scrolling-tree/nested-absolute-in-sc-overflow.html.
* compositing/shared-backing/overflow-scroll/previous-sibling-prevents-inclusiveness-expected.txt: Added.
* compositing/shared-backing/overflow-scroll/previous-sibling-prevents-inclusiveness.html: Added.
* compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-clipping-expected.txt: Added.
* compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-clipping.html: Added.
* compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-relative-clipping-expected.txt: Added.
* compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-relative-clipping.html: Added.
* compositing/shared-backing/overflow-scroll/relative-in-div-in-overflow-scroll-expected.txt: Copied from LayoutTests/platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt.
* compositing/shared-backing/overflow-scroll/relative-in-div-in-overflow-scroll.html: Added.
* compositing/shared-backing/overflow-scroll/scrolled-contents-has-painted-content-expected.txt: Copied from LayoutTests/platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt.
* compositing/shared-backing/overflow-scroll/scrolled-contents-has-painted-content.html: Added.
* compositing/shared-backing/overflow-scroll/scrolled-contents-unconstrained-clip-expected.html: Added.
* compositing/shared-backing/overflow-scroll/scrolled-contents-unconstrained-clip.html: Added.
* compositing/shared-backing/overflow-scroll/shared-layer-clipping-expected.html: Added.
* compositing/shared-backing/overflow-scroll/shared-layer-clipping.html: Added.
* compositing/shared-backing/overflow-scroll/shared-layer-composited-bounds-expected.txt: Added.
* compositing/shared-backing/overflow-scroll/shared-layer-composited-bounds.html: Added.
* compositing/shared-backing/overflow-scroll/shared-layer-nested-relative-stacking-expected.txt: Added.
* compositing/shared-backing/overflow-scroll/shared-layer-nested-relative-stacking.html: Added.
* compositing/shared-backing/overflow-scroll/shared-layer-repaint-expected.txt: Added.
* compositing/shared-backing/overflow-scroll/shared-layer-repaint.html: Added.
* compositing/shared-backing/partial-compositing-update-expected.txt: Added.
* compositing/shared-backing/partial-compositing-update.html: Added.
* compositing/shared-backing/partial-compositing-update2-expected.txt: Added.
* compositing/shared-backing/partial-compositing-update2.html: Added.
* compositing/shared-backing/remove-sharing-layer-expected.txt: Added.
* compositing/shared-backing/remove-sharing-layer.html: Added.
* compositing/shared-backing/sharing-cached-clip-rects-expected.txt: Added.
* compositing/shared-backing/sharing-cached-clip-rects.html: Added.
* platform/ios-wk2/TestExpectations:
* platform/ios-wk2/compositing/shared-backing/overflow-scroll/absolute-in-stacking-relative-in-scroller-expected.txt: Copied from LayoutTests/platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt.
* platform/ios-wk2/compositing/shared-backing/overflow-scroll/composited-absolute-in-absolute-in-relative-in-scroller-expected.txt: Added.
* platform/ios-wk2/compositing/shared-backing/overflow-scroll/nested-absolute-with-clipping-in-stacking-overflow-expected.txt: Added.
* platform/ios-wk2/compositing/shared-backing/overflow-scroll/previous-sibling-prevents-inclusiveness-expected.txt: Added.
* platform/ios-wk2/compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-clipping-expected.txt: Added.
* platform/ios-wk2/compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-relative-clipping-expected.txt: Added.
* platform/ios-wk2/compositing/shared-backing/overflow-scroll/relative-in-div-in-overflow-scroll-expected.txt: Copied from LayoutTests/platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt.
* platform/ios-wk2/compositing/shared-backing/overflow-scroll/scrolled-contents-has-painted-content-expected.txt: Copied from LayoutTests/platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt.
* platform/ios-wk2/scrollingcoordinator/scrolling-tree/nested-absolute-in-absolute-overflow-expected.txt:
* platform/ios-wk2/scrollingcoordinator/scrolling-tree/nested-absolute-in-relative-in-overflow-expected.txt:
* platform/ios-wk2/scrollingcoordinator/scrolling-tree/nested-absolute-in-sc-overflow-expected.txt:
* platform/ios-wk2/scrollingcoordinator/scrolling-tree/positioned-nodes-complex-expected.txt:
* platform/ios/compositing/geometry/limit-layer-bounds-clipping-ancestor-expected.txt:
* platform/ios/compositing/overflow/clipping-behaviour-change-is-not-propagated-to-descendants-expected.txt:
* platform/ios/compositing/overflow/clipping-behaviour-change-is-not-propagated-to-descendants2-expected.txt:
* platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt:
* platform/mac-wk1/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt:
* platform/mac-wk2/TestExpectations:
* platform/mac/compositing/overflow/clipping-behaviour-change-is-not-propagated-to-descendants-expected.txt:
* platform/mac/compositing/overflow/clipping-behaviour-change-is-not-propagated-to-descendants2-expected.txt:
* scrollingcoordinator/scrolling-tree/nested-absolute-in-absolute-overflow-expected.txt:
* scrollingcoordinator/scrolling-tree/nested-absolute-in-absolute-overflow.html:
* scrollingcoordinator/scrolling-tree/nested-absolute-in-relative-in-overflow-expected.txt:
* scrollingcoordinator/scrolling-tree/nested-absolute-in-relative-in-overflow.html:
* scrollingcoordinator/scrolling-tree/nested-absolute-in-sc-overflow-expected.txt:
* scrollingcoordinator/scrolling-tree/nested-absolute-in-sc-overflow.html:
* scrollingcoordinator/scrolling-tree/positioned-nodes-complex-expected.txt:
* scrollingcoordinator/scrolling-tree/positioned-nodes-complex.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245058 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago TestRunnerWKWebView's menu callbacks should be cleared upon UI script completion
wenson_hsieh@apple.com [Wed, 8 May 2019 17:15:21 +0000 (17:15 +0000)]
TestRunnerWKWebView's menu callbacks should be cleared upon UI script completion
https://bugs.webkit.org/show_bug.cgi?id=197685

Reviewed by Alex Christensen.

Tools:

Fixes a bug in the test runner wherein didShowMenuCallback and didHideMenuCallback are not reset upon UI script
completion. See LayoutTests/ChangeLog for more details.

* WebKitTestRunner/ios/UIScriptControllerIOS.mm:
(WTR::UIScriptController::platformClearAllCallbacks):

LayoutTests:

Adjust a couple of existing layout tests such that they don't rely on didShowMenuCallback and
didHideMenuCallback sticking around across UI scripts. Currently, these layout tests do the following:

1. Run a UI script that registers menu callback handlers.
2. Run a subsequent UI script that will cause the callback handlers to be fired (e.g. clicking on an element).

After making the change in the test runner to clear menu callbacks upon script completion, callbacks registered
in step (1) are now unregistered when step (2) completes. Instead, we can rewrite this test logic so that
they're driven by a single UI script.

* editing/pasteboard/ios/dom-paste-consecutive-confirmations.html:
* editing/pasteboard/ios/dom-paste-requires-user-gesture.html:

Instead of using internals.withUserGesture, put the test logic under a click handler (which is inside the scope
of a user gesture token), and then use requestAnimationFrame to schedule a second programmatic paste that is
outside the scope of user interaction. As opposed to setTimeout, requestAnimationFrame does not propagate the
current user gesture token.

* editing/pasteboard/ios/resources/dom-paste-helper.js:
(return.new.Promise.):
(async._waitForOrTriggerPasteMenu):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245057 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Correct delayed load event handling
bfulgham@apple.com [Wed, 8 May 2019 16:01:39 +0000 (16:01 +0000)]
Correct delayed load event handling
https://bugs.webkit.org/show_bug.cgi?id=197679
<rdar://problem/50423334>

Reviewed by Alex Christensen.

We need to properly account for the fact that JavaScript might run
while performing loads.

* dom/Document.cpp:
(WebCore::Document::loadEventDelayTimerFired):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245056 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [GTK] Pinch Zooming has no maximum
commit-queue@webkit.org [Wed, 8 May 2019 15:46:36 +0000 (15:46 +0000)]
[GTK] Pinch Zooming has no maximum
https://bugs.webkit.org/show_bug.cgi?id=194865

Patch by Alexander Mikhaylenko <exalm7659@gmail.com> on 2019-05-08
Reviewed by Michael Catanzaro.

Set maximum zoom to 3.0, reflecting the value on macOS and iOS.

* UIProcess/gtk/GestureController.cpp:
(WebKit::GestureController::ZoomGesture::scaleChanged):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245055 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago REGRESSION(r243197): [GStreamer] Error playing redirected streams
philn@webkit.org [Wed, 8 May 2019 15:20:51 +0000 (15:20 +0000)]
REGRESSION(r243197): [GStreamer] Error playing redirected streams
https://bugs.webkit.org/show_bug.cgi?id=197410

Reviewed by Carlos Garcia Campos.

Revert the change introduced in r243197 that was checking the
redirected URI instead of the original URI. Non-main URIs should
be ignored only when they are HLS (or similar) fragments.

Test http/tests/security/canvas-remote-read-remote-video-hls.html still passes.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245054 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Link prefetch not useful for top-level navigation
commit-queue@webkit.org [Wed, 8 May 2019 12:40:10 +0000 (12:40 +0000)]
Link prefetch not useful for top-level navigation
https://bugs.webkit.org/show_bug.cgi?id=195623

Patch by Rob Buis <rbuis@igalia.com> on 2019-05-08
Reviewed by Youenn Fablet.

Source/WebCore:

Cache cross-domain top-level prefetches in a dedicated cache and not in the
memory cache.

Tests: http/tests/cache/link-prefetch-main-resource-iframe.html
       http/tests/cache/link-prefetch-main-resource.html
       http/tests/contentextensions/prefetch-blocked.html

* loader/LinkLoader.cpp:
(WebCore::LinkLoader::prefetchIfNeeded):
* loader/ResourceLoadInfo.cpp:
(WebCore::toResourceType):

Source/WebKit:

Cache cross-domain top-level prefetches in a dedicated cache. When a navigation
to the same url is done within a threshold (5 seconds), reuse the
prefetch cache entry, move it to the disk cache and navigate to
the url, meaning no extra network trip is needed. When not used within
the threshold period, the prefetch entry will be erased using a timer.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::lowMemoryHandler):
* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::retrieveCacheEntry):
(WebKit::NetworkResourceLoader::didReceiveResponse):
(WebKit::NetworkResourceLoader::didReceiveBuffer):
(WebKit::NetworkResourceLoader::tryStoreAsCacheEntry):
(WebKit::NetworkResourceLoader::isCrossOriginPrefetch const):
* NetworkProcess/NetworkResourceLoader.h:
* NetworkProcess/NetworkSession.h:
(WebKit::NetworkSession::prefetchCache):
(WebKit::NetworkSession::clearPrefetchCache):
* NetworkProcess/cache/PrefetchCache.cpp: Added.
(WebKit::PrefetchCache::Entry::Entry):
(WebKit::PrefetchCache::PrefetchCache):
(WebKit::PrefetchCache::~PrefetchCache):
(WebKit::PrefetchCache::clear):
(WebKit::PrefetchCache::take):
(WebKit::PrefetchCache::store):
(WebKit::PrefetchCache::clearExpiredEntries):
* NetworkProcess/cache/PrefetchCache.h: Added.
(WebKit::PrefetchCache::Entry::releaseBuffer):
* Shared/WebPreferences.yaml:
* Sources.txt:
* WebKit.xcodeproj/project.pbxproj:

LayoutTests:

Verify that prefetching a cross-domain top-level main resource
is cached in the prefetch cache and only loaded once, and that non
top-level prefetches keep the old behavior.

* http/tests/cache/link-prefetch-main-resource-expected.txt: Added.
* http/tests/cache/link-prefetch-main-resource-iframe-expected.txt: Added.
* http/tests/cache/link-prefetch-main-resource-iframe.html: Added.
* http/tests/cache/link-prefetch-main-resource.html: Added.
* http/tests/cache/resources/prefetched-main-resource-iframe.php: Added.
* http/tests/cache/resources/prefetched-main-resource.php: Added.
* http/tests/contentextensions/prefetch-blocked-expected.txt: Added.
* http/tests/contentextensions/prefetch-blocked.html: Added.
* http/tests/contentextensions/prefetch-blocked.html.json: Added.
* platform/mac-wk1/TestExpectations:
* platform/win/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245053 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Unreviewed, a build fix after r245043
jiewen_tan@apple.com [Wed, 8 May 2019 08:05:36 +0000 (08:05 +0000)]
Unreviewed, a build fix after r245043

* http/wpt/webauthn/public-key-credential-create-success-hid.https.html:
* http/wpt/webauthn/public-key-credential-get-success-hid.https.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245052 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [JSC] DFG_ASSERT failed in lowInt52
ysuzuki@apple.com [Wed, 8 May 2019 04:56:34 +0000 (04:56 +0000)]
[JSC] DFG_ASSERT failed in lowInt52
https://bugs.webkit.org/show_bug.cgi?id=197569

Reviewed by Saam Barati.

JSTests:

* stress/getstack-int52.js: Added.
(opt):
(main):

Source/JavaScriptCore:

GetStack with FlushedInt52 should load the flushed value in Int52 form and put the result in m_int52Values / m_strictInt52Values. Previously,
we loaded it in JSValue / Int32 form and lowInt52 failed to get the appropriate one since GetStack did not put the result in m_int52Values / m_strictInt52Values.

* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileGetStack):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245051 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [JSC] LLIntPrototypeLoadAdaptiveStructureWatchpoint does not require Bag<>
ysuzuki@apple.com [Wed, 8 May 2019 04:35:36 +0000 (04:35 +0000)]
[JSC] LLIntPrototypeLoadAdaptiveStructureWatchpoint does not require Bag<>
https://bugs.webkit.org/show_bug.cgi?id=197645

Reviewed by Saam Barati.

Source/JavaScriptCore:

We are using HashMap<std::tuple<Structure*, const Instruction*>, Bag<LLIntPrototypeLoadAdaptiveStructureWatchpoint>> for LLIntPrototypeLoadAdaptiveStructureWatchpoint,
but this has several memory inefficiencies.

1. Structure* and Instruction* are too large. We can just use StructureID and bytecodeOffset (unsigned).
2. While we are using Bag<>, we do not add a new LLIntPrototypeLoadAdaptiveStructureWatchpoint after constructing this Bag first. So we can
   use Vector<LLIntPrototypeLoadAdaptiveStructureWatchpoint> instead. We ensure that a new entry won't be added to this Vector by making Watchpoint
   non-movable.
3. Instead of having OpGetById::Metadata&, we just hold `unsigned` bytecodeOffset, and get Metadata& from the owner CodeBlock when needed.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::finalizeLLIntInlineCaches):
* bytecode/CodeBlock.h:
* bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp:
(JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::LLIntPrototypeLoadAdaptiveStructureWatchpoint):
(JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal):
* bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h:
* bytecode/Watchpoint.h:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::setupGetByIdPrototypeCache):

Source/WTF:

* WTF.xcodeproj/project.pbxproj:
* wtf/CMakeLists.txt:
* wtf/Nonmovable.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h.
* wtf/Vector.h:
(WTF::minCapacity>::uncheckedConstructAndAppend):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245050 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Fix !HAVE(ACCESSIBILITY) build
don.olmstead@sony.com [Wed, 8 May 2019 02:56:01 +0000 (02:56 +0000)]
Fix !HAVE(ACCESSIBILITY) build
https://bugs.webkit.org/show_bug.cgi?id=197680

Reviewed by Fujii Hironori.

* accessibility/AXObjectCache.h:
(WebCore::AXObjectCache::focusedUIElementForPage):
Update declaration for !HAVE(ACCESSIBILITY)
* accessibility/AccessibilityObject.h:
Add wrapper implementation for !HAVE(ACCESSIBILITY)
* accessibility/AccessibilityProgressIndicator.cpp:
(WebCore::AccessibilityProgressIndicator::roleValue const):
Add ENABLE(METER_ELEMENT) guard.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245049 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Simplify logic to prevent App Nap in WebPage
cdumez@apple.com [Wed, 8 May 2019 01:28:26 +0000 (01:28 +0000)]
Simplify logic to prevent App Nap in WebPage
https://bugs.webkit.org/show_bug.cgi?id=197674

Reviewed by Geoff Garen.

Simplify logic to prevent App Nap in WebPage. We do not need both m_userActivityHysteresis and
m_userActivity since UserActivity is already a HysteresisActivity. We had 2 levels of
HysteresisActivity stacked on top of one another. Also rename "process suppression" to "app nap" as
I find it clearer.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updateThrottleState):
(WebKit::WebPage::mouseEvent):
(WebKit::WebPage::wheelEvent):
(WebKit::WebPage::keyEvent):
(WebKit::WebPage::updatePreferences):
(WebKit::m_userActivityHysteresis): Deleted.
(WebKit::WebPage::updateUserActivity): Deleted.
* WebProcess/WebPage/WebPage.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245048 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago JSC: A bug in BytecodeGenerator::emitEqualityOpImpl
ysuzuki@apple.com [Wed, 8 May 2019 01:23:22 +0000 (01:23 +0000)]
JSC: A bug in BytecodeGenerator::emitEqualityOpImpl
https://bugs.webkit.org/show_bug.cgi?id=197479

Reviewed by Saam Barati.

JSTests:

* stress/do-not-perform-bytecode-peephole-optimization-in-jump-target.js: Added.
(shouldBe):

Source/JavaScriptCore:

Our peephole optimization in BytecodeGenerator is (1) rewinding the previous instruction and (2) emitting an optimized instruction instead.
If we have a jump target between the previous instruction and the subsequent instruction, this peephole optimization breaks the jump target.
To prevent it, we had a mechanism disabling peephole optimization, setting m_lastOpcodeID = op_end and checking m_lastOpcodeID when performing
peephole optimization. However, BytecodeGenerator::emitEqualityOpImpl checks `m_lastInstruction->is<OpTypeof>` instead of `m_lastOpcodeID == op_typeof`,
and misses the `op_end` case.

This patch makes the following changes.

1. Add canDoPeepholeOptimization method to clarify the intent of `m_lastInstruction = op_end`.
2. Check canDoPeepholeOptimization status before performing peephole optimization in emitJumpIfTrue, emitJumpIfFalse, and emitEqualityOpImpl.
3. Add `ASSERT(canDoPeepholeOptimization())` in fuseCompareAndJump and fuseTestAndJmp to ensure that peephole optimization is allowed.

* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::fuseCompareAndJump):
(JSC::BytecodeGenerator::fuseTestAndJmp):
(JSC::BytecodeGenerator::emitJumpIfTrue):
(JSC::BytecodeGenerator::emitJumpIfFalse):
(JSC::BytecodeGenerator::emitEqualityOpImpl):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::canDoPeepholeOptimization const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245047 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago REGRESSION(r244230): Web Automation: use null instead of empty string as success...
commit-queue@webkit.org [Wed, 8 May 2019 01:06:12 +0000 (01:06 +0000)]
REGRESSION(r244230): Web Automation: use null instead of empty string as success result of scripts when alert is open
https://bugs.webkit.org/show_bug.cgi?id=197655

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-05-07
Reviewed by Devin Rousso.

This regressed in r244230: the case of an alert open while running a script is now handled on the WebKit side, but
an empty string is returned as a result, which is not a valid JSON serialized string. That made all user prompts
tests fail.

* UIProcess/Automation/WebAutomationSession.cpp:
(WebKit::WebAutomationSession::willShowJavaScriptDialog): Use null as script result instead of an empty string.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245046 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Unreviewed. Add myself as a committer.
obrufau@igalia.com [Wed, 8 May 2019 00:06:24 +0000 (00:06 +0000)]
Unreviewed. Add myself as a committer.

* Scripts/webkitpy/common/config/contributors.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245045 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Unreviewed, rolling out r245038.
ryanhaddad@apple.com [Tue, 7 May 2019 23:44:52 +0000 (23:44 +0000)]
Unreviewed, rolling out r245038.

Breaks internal builds.

Reverted changeset:

"Add SPI to set a list of hosts to which to send custom header
fields cross-origin"
https://bugs.webkit.org/show_bug.cgi?id=197397
https://trac.webkit.org/changeset/245038

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245044 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [WebAuthN] A new request should always suppress the pending request if any
jiewen_tan@apple.com [Tue, 7 May 2019 23:43:18 +0000 (23:43 +0000)]
[WebAuthN] A new request should always suppress the pending request if any
https://bugs.webkit.org/show_bug.cgi?id=191517
<rdar://problem/46888222>

Reviewed by Brent Fulgham.

Source/WebCore:

Blocking new requests from the same page when there is a pending request could DoS the
WebAuthN API in the period between [the page is refreshed, the pending request is
handled/timeout]. Therefore, the policy will be to always cancel any pending requests
whenever a new request is made. This will enforce the policy of handling only one
request at a time.

Covered by new tests in existing files.

* Modules/webauthn/AuthenticatorCoordinatorClient.cpp:
(WebCore::AuthenticatorCoordinatorClient::requestReply):
(WebCore::AuthenticatorCoordinatorClient::setRequestCompletionHandler):
(WebCore::AuthenticatorCoordinatorClient::addQueryCompletionHandler):
* Modules/webauthn/AuthenticatorCoordinatorClient.h:

Source/WebKit:

Previously we blocked new WebAuthN requests whenever a pending request was in progress
to prevent background tabs from DoS foreground tabs. However, in r244938, the WebAuthN
API was changed to restrict request handling to the focused document. Therefore, we no
longer have a risk of DoS.

Apart from the vanished benefit, this behavior actually blocks new pages from using the
WebAuthN API in the period between [the previous initiating page is closed, the pending
request is handled/timeout].

Also, it makes sense to have the current focused document preempt the pending request.
Therefore, the policy will be to always cancel any pending requests whenever a new
request is made. This will enforce the policy of handling only one request at a time.

Note that the current implementation doesn't explicitly cancel pending requests in the
Authenticators, which means that we could receive responses from the Authenticator that
were meant for a previous (now cancelled) request. A follow-up patch (see Bug 191523)
will implement an Authenticator feature to support immediate cancellation.

In the meantime, to protect the atomicity of the request/response pair, i.e., preventing an old
response being used for a new request, there are two safeguards:
1) In web process, each request to UI process is paired with an incremental ID, and therefore an old
response from UI process would have a different ID than the current request, which will then be ignored.
2) In UI process, all responses from authenticators will be piped to the main run loop for processing.
Therefore, when the new request comes in, the old response is either processed or waiting in the pipe.
To prevent the latter being processed, the new request will immediately destroy any authenticators bound
to the old response in the current run loop. Hence, in the next run loop when dealing with the old response,
the lambda will have nowhere to hand the response over.

* UIProcess/WebAuthentication/AuthenticatorManager.cpp:
(WebKit::AuthenticatorManager::makeCredential):
(WebKit::AuthenticatorManager::getAssertion):
(WebKit::AuthenticatorManager::clearStateAsync):
(WebKit::AuthenticatorManager::clearState):
(WebKit::AuthenticatorManager::timeOutTimerFired):
* UIProcess/WebAuthentication/AuthenticatorManager.h:
* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.cpp:
(WebKit::WebAuthenticatorCoordinatorProxy::makeCredential):
(WebKit::WebAuthenticatorCoordinatorProxy::getAssertion):
(WebKit::WebAuthenticatorCoordinatorProxy::requestReply):
* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.h:
* UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in:
* WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp:
(WebKit::WebAuthenticatorCoordinator::makeCredential):
(WebKit::WebAuthenticatorCoordinator::getAssertion):
* WebProcess/WebAuthentication/WebAuthenticatorCoordinator.messages.in:

LayoutTests:

* http/wpt/webauthn/public-key-credential-create-failure.https-expected.txt:
* http/wpt/webauthn/public-key-credential-create-failure.https.html:
* http/wpt/webauthn/public-key-credential-create-success-hid.https-expected.txt:
* http/wpt/webauthn/public-key-credential-create-success-hid.https.html:
* http/wpt/webauthn/public-key-credential-get-failure.https-expected.txt:
* http/wpt/webauthn/public-key-credential-get-failure.https.html:
* http/wpt/webauthn/public-key-credential-get-success-hid.https-expected.txt:
* http/wpt/webauthn/public-key-credential-get-success-hid.https.html:
* http/wpt/webauthn/resources/new-page.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245043 268f45cc-cd09-0410-ab3c-d52691b4dbfc
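
The first safeguard described in the commit message above (pairing each request with an incremental ID so that a late reply for a cancelled request is ignored), together with the cancel-on-new-request policy, as an added example that is not WebKit's code. The class `RequestCoordinator`, its method names, the cancellation callback and the payload strings are hypothetical and constructed for illustration.

```cpp
#include <cstdint>
#include <functional>
#include <iostream>
#include <optional>
#include <string>
#include <utility>
#include <vector>

enum class Outcome { Completed, Cancelled };

struct Result {
    Outcome outcome;
    std::string payload; // constructed sample data, not a real authenticator response
};

using CompletionHandler = std::function<void(const Result&)>;

// Hypothetical stand-in for the requesting side: at most one request is
// outstanding, and every request carries a fresh, monotonically increasing ID.
class RequestCoordinator {
public:
    // Cancels any pending request, then registers the new one and returns
    // the ID that would travel with it to the other process.
    uint64_t startRequest(CompletionHandler handler)
    {
        if (m_pending) {
            CompletionHandler old = std::move(m_pending->handler);
            m_pending.reset();
            old(Result { Outcome::Cancelled, std::string() });
        }
        uint64_t id = ++m_lastRequestID;
        m_pending = Pending { id, std::move(handler) };
        return id;
    }

    // Delivers a reply only if its ID matches the pending request.
    // Returns false when the reply is stale or replayed and was dropped.
    bool handleReply(uint64_t id, const std::string& payload)
    {
        if (!m_pending || m_pending->id != id)
            return false;
        CompletionHandler handler = std::move(m_pending->handler);
        m_pending.reset(); // clear first so a duplicate reply cannot be delivered twice
        handler(Result { Outcome::Completed, payload });
        return true;
    }

    bool hasPendingRequest() const { return m_pending.has_value(); }

private:
    struct Pending {
        uint64_t id;
        CompletionHandler handler;
    };
    uint64_t m_lastRequestID { 0 };
    std::optional<Pending> m_pending;
};

// Replays the race from the commit message: a second request preempts the
// first, and the reply for the first arrives afterwards.
std::vector<std::string> runStaleReplyScenario()
{
    std::vector<std::string> log;
    RequestCoordinator coordinator;
    auto recorder = [&log](std::string name) {
        return [&log, name](const Result& result) {
            std::string what = result.outcome == Outcome::Cancelled
                ? std::string("cancelled") : result.payload;
            log.push_back(name + ":" + what);
        };
    };

    uint64_t firstID = coordinator.startRequest(recorder("first"));
    uint64_t secondID = coordinator.startRequest(recorder("second")); // preempts "first"

    if (!coordinator.handleReply(firstID, "assertion-A"))  // late reply for the old request
        log.push_back("reply-for-first:dropped");
    coordinator.handleReply(secondID, "assertion-B");      // reply for the current request
    if (!coordinator.handleReply(secondID, "assertion-B")) // duplicate of an answered request
        log.push_back("replayed-reply:dropped");
    return log;
}

int main()
{
    for (const auto& line : runStaleReplyScenario())
        std::cout << line << '\n';
}
```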

4 months ago Unreviewed. Add myself as a committer.
jh718.park@samsung.com [Tue, 7 May 2019 23:41:56 +0000 (23:41 +0000)]
Unreviewed. Add myself as a committer.

* Scripts/webkitpy/common/config/contributors.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245042 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [macOS] Crash with sandbox error
pvollan@apple.com [Tue, 7 May 2019 23:16:37 +0000 (23:16 +0000)]
[macOS] Crash with sandbox error
https://bugs.webkit.org/show_bug.cgi?id=197675
<rdar://problem/50473330>

Reviewed by Geoffrey Garen.

This crash is caused by missing syscall rules in the sandbox.

* WebProcess/com.apple.WebProcess.sb.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245041 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago TemplateObject passed to template literal tags are not always identical for the same...
ysuzuki@apple.com [Tue, 7 May 2019 22:15:59 +0000 (22:15 +0000)]
TemplateObject passed to template literal tags are not always identical for the same source location.
https://bugs.webkit.org/show_bug.cgi?id=190756

Reviewed by Saam Barati.

JSTests:

* complex.yaml:
* complex/tagged-template-regeneration-after.js: Added.
(shouldBe):
* complex/tagged-template-regeneration.js: Added.
(call):
(test):
* modules/tagged-template-inside-module.js: Added.
(from.string_appeared_here.call):
* modules/tagged-template-inside-module/other-tagged-templates.js: Added.
(call):
(export.otherTaggedTemplates):
* stress/call-and-construct-should-return-same-tagged-templates.js: Added.
(shouldBe):
(call):
(poly):
* stress/tagged-templates-in-direct-eval-should-not-produce-same-site-object.js: Added.
(shouldBe):
(call):
* stress/tagged-templates-in-function-in-direct-eval.js: Added.
(shouldBe):
(call):
(test):
* stress/tagged-templates-in-global-function-should-not-produce-same-site-object.js: Added.
(shouldBe):
(call):
* stress/tagged-templates-in-indirect-eval-should-not-produce-same-site-object.js: Added.
(shouldBe):
(call):
* stress/tagged-templates-in-multiple-functions.js: Added.
(shouldBe):
(call):
(a):
(b):
(c):
* stress/tagged-templates-with-same-start-offset.js: Added.
(shouldBe):

Source/JavaScriptCore:

Tagged template literal requires that the site object is allocated per source location. Previously, we created the site object
when linking CodeBlock and cached it in CodeBlock. But this is wrong because,

1. CodeBlock can be jettisoned and regenerated. So every time CodeBlock is regenerated, we get a different site object.
2. Call and Construct can have different CodeBlock. Even if the function is called in call-form or construct-form, we should return the same site object.

In this patch, we start caching these site objects in the top-level ScriptExecutable. This matches the spec's per source location since only one top-level
ScriptExecutable is created for the given script code. Each ScriptExecutable of JSFunction can be created multiple times because CodeBlock creates it.
But the top-level one is not created by CodeBlock. This top-level ScriptExecutable is well-aligned to the Script itself. The top-level ScriptExecutable now has a HashMap,
which maps source locations to cached site objects.

1. This patch threads the top-level ScriptExecutable to each FunctionExecutable creation. Each FunctionExecutable has a reference to the top-level ScriptExecutable.
2. We put TemplateObjectMap in ScriptExecutable, which manages cached template objects.
3. We move FunctionExecutable::m_cachedPolyProtoStructure to the FunctionExecutable::RareData to keep FunctionExecutable 128 bytes.
4. TemplateObjectMap is indexed with endOffset of TaggedTemplate.

* Scripts/tests/builtins/expected/JavaScriptCore-Builtin.Promise-Combined.js-result:
* Scripts/tests/builtins/expected/JavaScriptCore-Builtin.Promise-Separate.js-result:
* Scripts/tests/builtins/expected/JavaScriptCore-Builtin.prototype-Combined.js-result:
* Scripts/tests/builtins/expected/JavaScriptCore-Builtin.prototype-Separate.js-result:
* Scripts/tests/builtins/expected/JavaScriptCore-BuiltinConstructor-Combined.js-result:
* Scripts/tests/builtins/expected/JavaScriptCore-BuiltinConstructor-Separate.js-result:
* Scripts/tests/builtins/expected/JavaScriptCore-InternalClashingNames-Combined.js-result:
* Scripts/tests/builtins/expected/WebCore-AnotherGuardedInternalBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-ArbitraryConditionalGuard-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-GuardedBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-GuardedInternalBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-UnguardedBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-xmlCasingTest-Separate.js-result:
* Scripts/wkbuiltins/builtins_templates.py:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::setConstantRegisters):
* bytecode/CodeBlock.h:
* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::UnlinkedFunctionExecutable::link):
* bytecode/UnlinkedFunctionExecutable.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::addTemplateObjectConstant):
(JSC::BytecodeGenerator::emitGetTemplateObject):
* bytecompiler/BytecodeGenerator.h:
* parser/ASTBuilder.h:
(JSC::ASTBuilder::createTaggedTemplate):
* runtime/CachedTypes.cpp:
(JSC::CachedTemplateObjectDescriptor::encode):
(JSC::CachedTemplateObjectDescriptor::decode const):
(JSC::CachedJSValue::encode):
(JSC::CachedJSValue::decode const):
* runtime/EvalExecutable.cpp:
(JSC::EvalExecutable::ensureTemplateObjectMap):
(JSC::EvalExecutable::visitChildren):
* runtime/EvalExecutable.h:
* runtime/FunctionExecutable.cpp:
(JSC::FunctionExecutable::finishCreation):
(JSC::FunctionExecutable::visitChildren):
(JSC::FunctionExecutable::fromGlobalCode):
(JSC::FunctionExecutable::ensureRareDataSlow):
(JSC::FunctionExecutable::ensureTemplateObjectMap):
* runtime/FunctionExecutable.h:
* runtime/JSModuleRecord.cpp:
(JSC::JSModuleRecord::instantiateDeclarations):
* runtime/JSTemplateObjectDescriptor.cpp:
(JSC::JSTemplateObjectDescriptor::JSTemplateObjectDescriptor):
(JSC::JSTemplateObjectDescriptor::create):
* runtime/JSTemplateObjectDescriptor.h:
* runtime/ModuleProgramExecutable.cpp:
(JSC::ModuleProgramExecutable::ensureTemplateObjectMap):
(JSC::ModuleProgramExecutable::visitChildren):
* runtime/ModuleProgramExecutable.h:
* runtime/ProgramExecutable.cpp:
(JSC::ProgramExecutable::ensureTemplateObjectMap):
(JSC::ProgramExecutable::visitChildren):
* runtime/ProgramExecutable.h:
* runtime/ScriptExecutable.cpp:
(JSC::ScriptExecutable::topLevelExecutable):
(JSC::ScriptExecutable::createTemplateObject):
(JSC::ScriptExecutable::ensureTemplateObjectMapImpl):
(JSC::ScriptExecutable::ensureTemplateObjectMap):
* runtime/ScriptExecutable.h:
* tools/JSDollarVM.cpp:
(JSC::functionCreateBuiltin):
(JSC::functionDeleteAllCodeWhenIdle):
(JSC::JSDollarVM::finishCreation):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245040 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Define media buffering policy
eric.carlson@apple.com [Tue, 7 May 2019 22:00:32 +0000 (22:00 +0000)]
Define media buffering policy
https://bugs.webkit.org/show_bug.cgi?id=196979
<rdar://problem/28383861>

Reviewed by Jer Noble.

Source/WebCore:

Test: MediaBufferingPolicy API test.

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::HTMLMediaElement):
(WebCore::HTMLMediaElement::suspend):
(WebCore::HTMLMediaElement::resume):
(WebCore::HTMLMediaElement::createMediaPlayer):
(WebCore::HTMLMediaElement::setBufferingPolicy):
(WebCore::HTMLMediaElement::purgeBufferedDataIfPossible):
(WebCore::HTMLMediaElement::bufferingPolicy const):
(WebCore::HTMLMediaElement::setShouldBufferData): Deleted.
* html/HTMLMediaElement.h:
(WebCore::HTMLMediaElement::shouldBufferData const): Deleted.
* html/MediaElementSession.cpp:
(WebCore::MediaElementSession::updateClientDataBuffering):
(WebCore::MediaElementSession::preferredBufferingPolicy const):
(WebCore::MediaElementSession::dataBufferingPermitted const): Deleted.
* html/MediaElementSession.h:
* platform/graphics/MediaPlayer.cpp:
(WebCore::MediaPlayer::setBufferingPolicy):
(WebCore::convertEnumerationToString):
(WebCore::MediaPlayer::setShouldBufferData): Deleted.
* platform/graphics/MediaPlayer.h:
* platform/graphics/MediaPlayerEnums.h:
(WTF::LogArgument<WebCore::MediaPlayerEnums::BufferingPolicy>::toString):
* platform/graphics/MediaPlayerPrivate.h:
(WebCore::MediaPlayerPrivateInterface::setBufferingPolicy):
(WebCore::MediaPlayerPrivateInterface::setShouldBufferData): Deleted.
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC):
(WebCore::MediaPlayerPrivateAVFoundationObjC::setBufferingPolicy):
(WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldBufferData): Deleted.
* platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
* platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setBufferingPolicy):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::flushAndRemoveVideoSampleBuffers): Deleted.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setShouldBufferData): Deleted.
* testing/Internals.cpp:
(WebCore::Internals::elementShouldBufferData):
(WebCore::Internals::elementBufferingPolicy):
* testing/Internals.h:
* testing/Internals.idl:

Source/WebCore/PAL:

* pal/spi/mac/AVFoundationSPI.h:

Source/WTF:

* wtf/Platform.h:

Tools:

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKitCocoa/MediaBufferingPolicy.mm: Added.
(waitUntilBufferingPolicyIsEqualTo):
(TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245039 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Add SPI to set a list of hosts to which to send custom header fields cross-origin
commit-queue@webkit.org [Tue, 7 May 2019 21:51:43 +0000 (21:51 +0000)]
Add SPI to set a list of hosts to which to send custom header fields cross-origin
https://bugs.webkit.org/show_bug.cgi?id=197397

Patch by Alex Christensen <achristensen@webkit.org> on 2019-05-07
Reviewed by Geoff Garen.

Source/WebCore:

In r223001 I added the ability to send custom headers, but with a restriction that they will not be sent except to the origin of the main document.
We need the ability to specify what origins to send these headers to even if they are not first party requests.
We get this information in a list of strings which are the hosts to send the headers to.  Some of the strings have an asterisk at the beginning,
indicating that the headers are to be sent to all subdomains.

I repurposed some ObjC SPI that was never adopted, but I keep testing the C API that was to verify no regression.
I also added some new API tests for the new behavior.

* Sources.txt:
* WebCore.xcodeproj/project.pbxproj:
* loader/CustomHeaderFields.cpp: Added.
(WebCore::CustomHeaderFields::thirdPartyDomainsMatch const):
* loader/CustomHeaderFields.h: Added.
(WebCore::CustomHeaderFields::encode const):
(WebCore::CustomHeaderFields::decode):
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::setCustomHeaderFields): Deleted.
* loader/DocumentLoader.h:
(WebCore::DocumentLoader::setCustomHeaderFields):
(WebCore::DocumentLoader::customHeaderFields const):
(WebCore::DocumentLoader::customHeaderFields): Deleted.
* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestResource):

Source/WebKit:

* Shared/API/APIObject.h:
* Shared/Cocoa/APIObject.mm:
(API::Object::newObject):
* Shared/WebsitePoliciesData.cpp:
(WebKit::WebsitePoliciesData::decode):
* Shared/WebsitePoliciesData.h:
* SourcesCocoa.txt:
* UIProcess/API/APICustomHeaderFields.h: Added.
* UIProcess/API/APIWebsitePolicies.cpp:
(API::WebsitePolicies::WebsitePolicies):
(API::WebsitePolicies::copy const):
(API::WebsitePolicies::data):
* UIProcess/API/APIWebsitePolicies.h:
* UIProcess/API/C/WKWebsitePolicies.cpp:
(WKWebsitePoliciesCopyCustomHeaderFields):
(WKWebsitePoliciesSetCustomHeaderFields):
* UIProcess/API/Cocoa/WKWebpagePreferences.mm:
(-[WKWebpagePreferences _customHeaderFields]):
(-[WKWebpagePreferences _setCustomHeaderFields:]):
* UIProcess/API/Cocoa/WKWebpagePreferencesPrivate.h:
* UIProcess/API/Cocoa/_WKCustomHeaderFields.h: Added.
* UIProcess/API/Cocoa/_WKCustomHeaderFields.mm: Added.
(-[_WKCustomHeaderFields init]):
(-[_WKCustomHeaderFields dealloc]):
(-[_WKCustomHeaderFields fields]):
(-[_WKCustomHeaderFields setFields:]):
(-[_WKCustomHeaderFields thirdPartyDomains]):
(-[_WKCustomHeaderFields setThirdPartyDomains:]):
(-[_WKCustomHeaderFields _apiObject]):
* UIProcess/API/Cocoa/_WKCustomHeaderFieldsInternal.h: Added.
* UIProcess/API/Cocoa/_WKWebsitePolicies.h:
* UIProcess/API/Cocoa/_WKWebsitePolicies.mm:
(-[_WKWebsitePolicies customHeaderFields]): Deleted.
(-[_WKWebsitePolicies setCustomHeaderFields:]): Deleted.
* UIProcess/Cocoa/WebViewImpl.h:
* UIProcess/Cocoa/WebViewImpl.mm:
(WebKit::WebViewImpl::takeFocus):
(WebKit::WebViewImpl::accessibilityAttributeValue):
* WebKit.xcodeproj/project.pbxproj:

Tools:

* TestWebKitAPI/Tests/WebKitCocoa/WebsitePolicies.mm:
(TEST):
(expectLegacyHeaders):
(expectHeaders):
(-[CustomHeaderFieldsDelegate webView:decidePolicyForNavigationAction:preferences:decisionHandler:]):
(-[CustomHeaderFieldsDelegate webView:startURLSchemeTask:]):
(-[CustomHeaderFieldsDelegate _webView:decidePolicyForNavigationAction:decisionHandler:]): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245038 268f45cc-cd09-0410-ab3c-d52691b4dbfc
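
A sketch of the host-list check described in the commit message above (entries are hosts, and a leading asterisk extends an entry to its subdomains), added here as an example and not taken from WebKit's CustomHeaderFields code. The function names, the exact entry syntax (`*example.com` or `*.example.com`), the rule that a wildcard entry also covers the bare domain, and the sample hosts are all assumptions; the point shown is that the wildcard has to match on a label boundary, otherwise custom headers go to hosts that merely share a string suffix.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <string>
#include <vector>

// Lower-cases ASCII and strips one trailing dot ("Example.COM." -> "example.com").
static std::string normalizeHost(std::string host)
{
    std::transform(host.begin(), host.end(), host.begin(),
        [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    if (!host.empty() && host.back() == '.')
        host.pop_back();
    return host;
}

static bool endsWith(const std::string& s, const std::string& suffix)
{
    return s.size() >= suffix.size()
        && s.compare(s.size() - suffix.size(), suffix.size(), suffix) == 0;
}

// Weak form, shown for contrast: the text after '*' is used as a plain
// string suffix, so "*example.com" also matches "notexample.com" and a
// bare "*" matches every host.
bool naiveEntryMatches(const std::string& entry, const std::string& host)
{
    std::string e = normalizeHost(entry);
    std::string h = normalizeHost(host);
    if (!e.empty() && e.front() == '*')
        return endsWith(h, e.substr(1));
    return e == h;
}

// Label-aware form: a wildcard entry matches the base domain itself
// (assumption) or any host that ends in "." + base.
bool entryMatches(const std::string& entry, const std::string& host)
{
    std::string e = normalizeHost(entry);
    std::string h = normalizeHost(host);
    if (e.empty() || h.empty())
        return false;
    if (e.front() != '*')
        return e == h; // no wildcard: exact host only

    std::string base = e.substr(1);
    if (!base.empty() && base.front() == '.')
        base.erase(0, 1); // accept both "*example.com" and "*.example.com"
    // Refuse entries that would match everything or carry a second wildcard.
    if (base.empty() || base.find('*') != std::string::npos)
        return false;
    return h == base || endsWith(h, "." + base);
}

// True if custom header fields may be attached to a request for requestHost.
bool shouldSendCustomHeaders(const std::vector<std::string>& allowedHosts,
    const std::string& requestHost)
{
    return std::any_of(allowedHosts.begin(), allowedHosts.end(),
        [&requestHost](const std::string& entry) { return entryMatches(entry, requestHost); });
}

int main()
{
    // Constructed sample allow-list and request hosts.
    const std::vector<std::string> allowed = { "*example.com", "api.example.net" };
    const std::vector<std::string> hosts = { "example.com", "cdn.example.com",
        "notexample.com", "example.com.other.test", "API.Example.NET.", "www.example.net" };
    for (const auto& host : hosts)
        std::cout << host << " -> " << (shouldSendCustomHeaders(allowed, host) ? "send" : "omit") << '\n';
}
```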

4 months ago Add option to build-webkit to control whether or not XCBuild is used
krollin@apple.com [Tue, 7 May 2019 21:38:27 +0000 (21:38 +0000)]
Add option to build-webkit to control whether or not XCBuild is used
https://bugs.webkit.org/show_bug.cgi?id=197668
<rdar://problem/50549728>

Reviewed by Tim Horton.

Add --[no-]xcbuild to build-webkit to force the use of XCBuild or not.
Also update build-webkit and the makefiles with the foundation for
automatically using XCBuild when the conditions allow it. This latter
facility is currently turned off until Xcode fully supports building
WebKit with XCBuild.

.:

* Makefile.shared:

Tools:

* Scripts/build-webkit:
* Scripts/webkitdirs.pm:
(XcodeOptions):
(canUseXCBuild):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245037 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agorun-bindings-tests should test global scope constructor generation
aestes@apple.com [Tue, 7 May 2019 21:33:01 +0000 (21:33 +0000)]
run-bindings-tests should test global scope constructor generation
https://bugs.webkit.org/show_bug.cgi?id=197669

Reviewed by Alex Christensen.

Source/WebCore:

For interfaces that are exposed on a global object, preprocess-idls.pl generates a partial
interface for the global object defining attributes for the interfaces' constructors. Most
interfaces don't specify a global object, so preprocess-idls.pl defaults to DOMWindow.
Since there is no DOMWindow.idl test case, we never generate the code for exposed interface
constructors when running bindings tests. This means that we can't test changes to how these
constructors are generated.

To fix this, teach preprocess-idls.pl to treat 'TestGlobalObject' as the default global
object when running bindings tests. This means that all exposed interface test cases will
generate their constructors as part of JSTestGlobalObject (unless otherwise specified
by the 'Exposed' extended attribute).

* bindings/scripts/preprocess-idls.pl:
Added --testGlobalContextName and --testGlobalScopeConstructorsFile arguments for use by
run-bindings-tests.

* bindings/scripts/test/JS/JSTestGlobalObject.cpp:
Updated expected results.

Tools:

* Scripts/webkitpy/bindings/main.py:
Updated to specify --testGlobalContextName and --testGlobalScopeConstructorsFile when
invoking preprocess-idls.pl.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245036 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago[B3] Constants should be hoisted to the root block until moveConstants
rmorisset@apple.com [Tue, 7 May 2019 21:28:38 +0000 (21:28 +0000)]
[B3] Constants should be hoisted to the root block until moveConstants
https://bugs.webkit.org/show_bug.cgi?id=197265

Reviewed by Saam Barati.

This patch does the following:
- B3ReduceStrength now hoists all constants to the root BB, and de-duplicates them along the way
- B3PureCSE no longer bothers with constants, since they are already de-duplicated by the time it gets to see them
- We now run eliminateDeadCode just after moveConstants, so that the Nops that moveConstants generates are freed instead of staying live throughout Air compilation, reducing memory pressure.
- I also took the opportunity to fix typos in comments in various parts of the code base.

Here are a few numbers to justify this patch:
- In JetStream2, about 27% of values at the beginning of B3 are constants
- In JetStream2, about 11% of values at the end of B3 are Nops
- In JetStream2, this patch increases the number of times that tail duplication happens from a bit less than 24k to a bit more than 25k (hoisting constants makes blocks smaller).

When I tried measuring the total effect on JetStream2 I got a tiny and almost certainly non-significant progression.

* b3/B3Generate.cpp:
(JSC::B3::generateToAir):
* b3/B3MoveConstants.cpp:
* b3/B3PureCSE.cpp:
(JSC::B3::PureCSE::process):
* b3/B3PureCSE.h:
* b3/B3ReduceStrength.cpp:
* bytecode/GetByIdStatus.cpp:
(JSC::GetByIdStatus::computeForStubInfoWithoutExitSiteFeedback):
* dfg/DFGCSEPhase.cpp:
* dfg/DFGOSRAvailabilityAnalysisPhase.h:
* dfg/DFGOSRExit.cpp:
(JSC::DFG::OSRExit::executeOSRExit):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245035 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agoFlaky API Test: TestWebKitAPI.ServiceWorkers.ServiceWorkerAndCacheStorageDefaultDirec...
youenn@apple.com [Tue, 7 May 2019 21:09:54 +0000 (21:09 +0000)]
Flaky API Test: TestWebKitAPI.ServiceWorkers.ServiceWorkerAndCacheStorageDefaultDirectories
https://bugs.webkit.org/show_bug.cgi?id=195997
<rdar://problem/50509884>

Reviewed by Chris Dumez.

Spin test until successful.

* TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245034 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agoVideo stream freeze on front camera orientation changing
youenn@apple.com [Tue, 7 May 2019 21:07:00 +0000 (21:07 +0000)]
Video stream freeze on front camera orientation changing
https://bugs.webkit.org/show_bug.cgi?id=197227
<rdar://problem/50175498>

Reviewed by Eric Carlson.

Source/WebCore:

Use m_currentRotationSessionAngle instead of m_currentRotation to create or not a new rotation session.
Covered by updated test.

* platform/mediastream/mac/RealtimeOutgoingVideoSourceCocoa.h:
* platform/mediastream/mac/RealtimeOutgoingVideoSourceCocoa.mm:
(WebCore::RealtimeOutgoingVideoSourceCocoa::rotatePixelBuffer):

LayoutTests:

* webrtc/video-rotation-expected.txt:
* webrtc/video-rotation.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245033 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agogetUserMedia framerate unusable under low light in iOS 12.2
youenn@apple.com [Tue, 7 May 2019 21:04:09 +0000 (21:04 +0000)]
getUserMedia framerate unusable under low light in iOS 12.2
https://bugs.webkit.org/show_bug.cgi?id=196214
<rdar://problem/49232193>

Reviewed by Geoffrey Garen.

When setting the frame rate, set it to the exact value instead of a range.
Otherwise, the capture device might use the lowest frame rate according to the light conditions
for best picture quality which is not what is expected by most web pages.

Move frame rate range computation closer to where it is actually used.
Since frame rate matching is fuzzy, add some checks in case the expected frame rate is slightly out of min/max range.

Manually tested on a real device.

* platform/mediastream/mac/AVVideoCaptureSource.mm:
(WebCore::AVVideoCaptureSource::setSizeAndFrameRateWithPreset):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245032 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agoAll prototypes should call didBecomePrototype()
rmorisset@apple.com [Tue, 7 May 2019 20:59:44 +0000 (20:59 +0000)]
All prototypes should call didBecomePrototype()
https://bugs.webkit.org/show_bug.cgi?id=196315

Reviewed by Saam Barati.

JSTests:

* stress/function-prototype-indexed-accessor.js: Added.

Source/JavaScriptCore:

Otherwise we won't remember to run haveABadTime() when someone adds to them an indexed accessor.

I added a check used in both Structure::finishCreation() and Structure::changePrototypeTransition to make sure we don't
create structures with invalid prototypes.
It found a lot of objects that are used as prototypes in JSGlobalObject and yet were missing didBecomePrototype() in their finishCreation().
Somewhat surprisingly, some of them have names like FunctionConstructor and not only FooPrototype.

* runtime/BigIntPrototype.cpp:
(JSC::BigIntPrototype::finishCreation):
* runtime/BooleanPrototype.cpp:
(JSC::BooleanPrototype::finishCreation):
* runtime/DatePrototype.cpp:
(JSC::DatePrototype::finishCreation):
* runtime/ErrorConstructor.cpp:
(JSC::ErrorConstructor::finishCreation):
* runtime/ErrorPrototype.cpp:
(JSC::ErrorPrototype::finishCreation):
* runtime/FunctionConstructor.cpp:
(JSC::FunctionConstructor::finishCreation):
* runtime/FunctionPrototype.cpp:
(JSC::FunctionPrototype::finishCreation):
* runtime/IntlCollatorPrototype.cpp:
(JSC::IntlCollatorPrototype::finishCreation):
* runtime/IntlDateTimeFormatPrototype.cpp:
(JSC::IntlDateTimeFormatPrototype::finishCreation):
* runtime/IntlNumberFormatPrototype.cpp:
(JSC::IntlNumberFormatPrototype::finishCreation):
* runtime/IntlPluralRulesPrototype.cpp:
(JSC::IntlPluralRulesPrototype::finishCreation):
* runtime/JSArrayBufferPrototype.cpp:
(JSC::JSArrayBufferPrototype::finishCreation):
* runtime/JSDataViewPrototype.cpp:
(JSC::JSDataViewPrototype::finishCreation):
* runtime/JSGenericTypedArrayViewPrototypeInlines.h:
(JSC::JSGenericTypedArrayViewPrototype<ViewClass>::finishCreation):
* runtime/JSGlobalObject.cpp:
(JSC::createConsoleProperty):
* runtime/JSPromisePrototype.cpp:
(JSC::JSPromisePrototype::finishCreation):
* runtime/JSTypedArrayViewConstructor.cpp:
(JSC::JSTypedArrayViewConstructor::finishCreation):
* runtime/JSTypedArrayViewPrototype.cpp:
(JSC::JSTypedArrayViewPrototype::finishCreation):
* runtime/NumberPrototype.cpp:
(JSC::NumberPrototype::finishCreation):
* runtime/RegExpPrototype.cpp:
(JSC::RegExpPrototype::finishCreation):
* runtime/StringPrototype.cpp:
(JSC::StringPrototype::finishCreation):
* runtime/Structure.cpp:
(JSC::Structure::isValidPrototype):
(JSC::Structure::changePrototypeTransition):
* runtime/Structure.h:
* runtime/SymbolPrototype.cpp:
(JSC::SymbolPrototype::finishCreation):
* wasm/js/WebAssemblyCompileErrorPrototype.cpp:
(JSC::WebAssemblyCompileErrorPrototype::finishCreation):
* wasm/js/WebAssemblyInstancePrototype.cpp:
(JSC::WebAssemblyInstancePrototype::finishCreation):
* wasm/js/WebAssemblyLinkErrorPrototype.cpp:
(JSC::WebAssemblyLinkErrorPrototype::finishCreation):
* wasm/js/WebAssemblyMemoryPrototype.cpp:
(JSC::WebAssemblyMemoryPrototype::finishCreation):
* wasm/js/WebAssemblyModulePrototype.cpp:
(JSC::WebAssemblyModulePrototype::finishCreation):
* wasm/js/WebAssemblyPrototype.cpp:
(JSC::WebAssemblyPrototype::finishCreation):
* wasm/js/WebAssemblyRuntimeErrorPrototype.cpp:
(JSC::WebAssemblyRuntimeErrorPrototype::finishCreation):
* wasm/js/WebAssemblyTablePrototype.cpp:
(JSC::WebAssemblyTablePrototype::finishCreation):

Source/WebCore:

It was found by existing tests, with the new assert in JSC::Structure.

* bindings/js/JSWindowProxy.cpp:
(WebCore::JSWindowProxy::setWindow):
* bindings/scripts/CodeGeneratorJS.pm:
(GeneratePrototypeDeclaration):
(GenerateConstructorHelperMethods):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245031 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agoWTF::BitVector should have an isEmpty() method
rmorisset@apple.com [Tue, 7 May 2019 20:46:43 +0000 (20:46 +0000)]
WTF::BitVector should have an isEmpty() method
https://bugs.webkit.org/show_bug.cgi?id=197637

Reviewed by Keith Miller.

Source/JavaScriptCore:

Just replaces some comparisons of bitCount() to 0 with calls to isEmpty().

* b3/air/AirAllocateRegistersByGraphColoring.cpp:

Source/WTF:

* wtf/BitVector.cpp:
(WTF::BitVector::isEmptySlow const):
* wtf/BitVector.h:
(WTF::BitVector::isEmpty const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245030 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agoCorrect JSON parser to address unterminated escape character
bfulgham@apple.com [Tue, 7 May 2019 20:30:37 +0000 (20:30 +0000)]
Correct JSON parser to address unterminated escape character
https://bugs.webkit.org/show_bug.cgi?id=197582
<rdar://problem/50459177>

Reviewed by Alex Christensen.

Source/WTF:

Correct JSON parser code to properly deal with unterminated escape
characters.

* wtf/JSONValues.cpp:
(WTF::JSONImpl::decodeString):
(WTF::JSONImpl::parseStringToken):

LayoutTests:

* applicationmanifest/display-mode-bad-manifest-expected.txt:
* applicationmanifest/display-mode-bad-manifest.html:
* applicationmanifest/resources/bad.manifest: Added.
* js/resources/JSON-parse.js: Add test case for unterminated escape.
* js/dom/JSON-parse-expected.txt: Add new test case.
* TestWebKitAPI/Tests/WTF/JSONValue.cpp: Add new false test case
  for unterminated escape character.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245028 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago[GTK][WPE] Cannot build documentation with gtk-doc
aperez@igalia.com [Tue, 7 May 2019 20:29:17 +0000 (20:29 +0000)]
[GTK][WPE] Cannot build documentation with gtk-doc
https://bugs.webkit.org/show_bug.cgi?id=197663

Reviewed by Philippe Normand.

* UIProcess/API/glib/WebKitSettings.cpp:
(webkit_settings_class_init): Escape content which gets wrongly interpreted as
SGML tags by gtk-doc as Markdown preformatted content, which fits well for the
tag names in the documentation for the WebKitSettings:enable-media property.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245027 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agoUnreviewed, rolling out r244978.
commit-queue@webkit.org [Tue, 7 May 2019 19:57:10 +0000 (19:57 +0000)]
Unreviewed, rolling out r244978.
https://bugs.webkit.org/show_bug.cgi?id=197671

TemplateObject map should use start/end offsets (Requested by
yusukesuzuki on #webkit).

Reverted changeset:

"TemplateObject passed to template literal tags are not always
identical for the same source location."
https://bugs.webkit.org/show_bug.cgi?id=190756
https://trac.webkit.org/changeset/244978

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245026 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agoStorage Access API: Make two changes requested by developers and complete refactoring...
wilander@apple.com [Tue, 7 May 2019 19:55:29 +0000 (19:55 +0000)]
Storage Access API: Make two changes requested by developers and complete refactoring and cleanup
https://bugs.webkit.org/show_bug.cgi?id=197648
<rdar://problem/50527493>

Reviewed by Chris Dumez.

Source/WebCore:

Developers have requested two minor changes to the Storage Access API:
- Only consume the user gesture when the user explicitly denies access.
- Make document.hasStorageAccess() return true instead of false when the feature is off.

In addition to this, we have refactoring and cleanup to do. Namely:
- Make use of WebCore::RegistrableDomain all the way.
- Remove dead code in WebKit::NetworkProcess since the calls now go through NetworkConnectionToWebProcess.
- Introduce boolean enums for state handling.
- Break out the Storage Access API functionality into a supplement of WebCore::Document.

Reviewed by Chris Dumez.

Tests: http/tests/storageAccess/deny-with-prompt-does-not-preserve-gesture.html
       http/tests/storageAccess/deny-without-prompt-preserves-gesture.html
       http/tests/storageAccess/grant-with-prompt-preserves-gesture.html
       http/tests/storageAccess/has-storage-access-true-if-feature-off.html

* DerivedSources-input.xcfilelist:
* DerivedSources-output.xcfilelist:
* DerivedSources.make:
* Headers.cmake:
* Sources.txt:
* WebCore.xcodeproj/project.pbxproj:
* dom/Document.cpp:
(WebCore::Document::hasStorageAccess): Deleted.
(WebCore::Document::requestStorageAccess): Deleted.
(WebCore::Document::enableTemporaryTimeUserGesture): Deleted.
(WebCore::Document::consumeTemporaryTimeUserGesture): Deleted.
(WebCore::Document::hasFrameSpecificStorageAccess const): Deleted.
(WebCore::Document::setHasFrameSpecificStorageAccess): Deleted.
* dom/Document.h:
(WebCore::Document::setUserGrantsStorageAccessOverride): Deleted.
    All of this has been moved to the supplement WebCore::DocumentStorageAccess.
* dom/Document.idl:
    The Storage Access API has been moved to DocumentStorageAccess.idl.
* dom/DocumentStorageAccess.cpp: Added.
(WebCore::DocumentStorageAccess::from):
(WebCore::DocumentStorageAccess::supplementName):
(WebCore::DocumentStorageAccess::hasStorageAccess):
(WebCore::DocumentStorageAccess::requestStorageAccess):
(WebCore::DocumentStorageAccess::enableTemporaryTimeUserGesture):
(WebCore::DocumentStorageAccess::consumeTemporaryTimeUserGesture):
(WebCore::DocumentStorageAccess::hasFrameSpecificStorageAccess const):
(WebCore::DocumentStorageAccess::setHasFrameSpecificStorageAccess):
* dom/DocumentStorageAccess.h: Added.
* dom/DocumentStorageAccess.idl: Added.
* page/ChromeClient.h:
* testing/Internals.cpp:
(WebCore::Internals::setUserGrantsStorageAccess): Deleted.
    This was dead code.
* testing/Internals.h:
* testing/Internals.idl:

Source/WebKit:

Developers have requested two minor changes to the Storage Access API:
- Only consume the user gesture when the user explicitly denies access.
- Make document.hasStorageAccess() return true instead of false when the feature is off.

In addition to this, we have refactoring and cleanup to do. Namely:
- Make use of WebCore::RegistrableDomain all the way.
- Remove dead code in WebKit::NetworkProcess since the calls now go through NetworkConnectionToWebProcess.
- Introduce boolean enums for state handling.
- Break out the Storage Access API functionality into a supplement of WebCore::Document.

* NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:
(WebKit::ResourceLoadStatisticsDatabaseStore::insertDomainRelationships):
(WebKit::ResourceLoadStatisticsDatabaseStore::requestStorageAccess):
(WebKit::ResourceLoadStatisticsDatabaseStore::requestStorageAccessUnderOpener):
(WebKit::ResourceLoadStatisticsDatabaseStore::grantStorageAccess):
(WebKit::ResourceLoadStatisticsDatabaseStore::grantStorageAccessInternal):
(WebKit::ResourceLoadStatisticsDatabaseStore::hasUserGrantedStorageAccessThroughPrompt const):
    These changes are due to the new enums WebCore::StorageAccessWasGranted and
    WebCore::StorageAccessPromptWasShown.
* NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.h:
* NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp:
(WebKit::ResourceLoadStatisticsMemoryStore::requestStorageAccess):
(WebKit::ResourceLoadStatisticsMemoryStore::requestStorageAccessUnderOpener):
(WebKit::ResourceLoadStatisticsMemoryStore::grantStorageAccess):
(WebKit::ResourceLoadStatisticsMemoryStore::grantStorageAccessInternal):
(WebKit::ResourceLoadStatisticsMemoryStore::hasUserGrantedStorageAccessThroughPrompt):
    These changes are due to the new enums WebCore::StorageAccessWasGranted and
    WebCore::StorageAccessPromptWasShown.
* NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.h:
* NetworkProcess/Classifier/ResourceLoadStatisticsStore.h:
    These changes are due to the new enums WebCore::StorageAccessWasGranted and
    WebCore::StorageAccessPromptWasShown.
* NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::requestStorageAccess):
(WebKit::WebResourceLoadStatisticsStore::grantStorageAccess):
(WebKit::WebResourceLoadStatisticsStore::callGrantStorageAccessHandler):
    These changes are due to the new enums WebCore::StorageAccessWasGranted and
    WebCore::StorageAccessPromptWasShown.
(WebKit::WebResourceLoadStatisticsStore::requestStorageAccessGranted): Deleted.
    This function is now no longer exposed and its functionality could be folded into
    the existing WebResourceLoadStatisticsStore::requestStorageAccess() which is more
    clearly named.
* NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h:
* NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::hasStorageAccess):
(WebKit::NetworkConnectionToWebProcess::requestStorageAccess):
    These changes are due to the new enums WebCore::StorageAccessWasGranted and
    WebCore::StorageAccessPromptWasShown.
* NetworkProcess/NetworkConnectionToWebProcess.h:
* NetworkProcess/NetworkConnectionToWebProcess.messages.in:
* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::hasStorageAccessForFrame): Deleted.
(WebKit::NetworkProcess::hasStorageAccess): Deleted.
(WebKit::NetworkProcess::requestStorageAccess): Deleted.
(WebKit::NetworkProcess::requestStorageAccessGranted): Deleted.
(WebKit::NetworkProcess::grantStorageAccess): Deleted.
(WebKit::NetworkProcess::removeAllStorageAccess): Deleted.
    These functions were left behind in the move of ITP to the network process.
    This communication goes through WebKit::NetworkConnectionToWebProcess since a while back.
* NetworkProcess/NetworkProcess.h:
* NetworkProcess/NetworkProcess.messages.in:
* Scripts/webkit/messages.py:
    Instructions for derived IPC code on how to include the new enums
    WebCore::StorageAccessWasGranted and WebCore::StorageAccessPromptWasShown.
* UIProcess/Network/NetworkProcessProxy.cpp:
(WebKit::NetworkProcessProxy::hasStorageAccessForFrame): Deleted.
(WebKit::NetworkProcessProxy::hasStorageAccess): Deleted.
(WebKit::NetworkProcessProxy::requestStorageAccess): Deleted.
(WebKit::NetworkProcessProxy::grantStorageAccess): Deleted.
(WebKit::NetworkProcessProxy::removeAllStorageAccess): Deleted.
    These functions were left behind in the move of ITP to the network process.
    This communication goes through WebKit::NetworkConnectionToWebProcess since a while back.
* UIProcess/Network/NetworkProcessProxy.h:
* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::hasStorageAccess): Deleted.
(WebKit::WebsiteDataStore::requestStorageAccess): Deleted.
(WebKit::WebsiteDataStore::grantStorageAccess): Deleted.
    These functions were left behind in the move of ITP to the network process.
    This communication goes through WebKit::NetworkConnectionToWebProcess since a while back.
* UIProcess/WebsiteData/WebsiteDataStore.h:
* WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::hasStorageAccess):
(WebKit::WebChromeClient::requestStorageAccess):
    These changes are due to the new enums WebCore::StorageAccessWasGranted and
    WebCore::StorageAccessPromptWasShown. They also receive WebCore::RegistrableDomain
    objects instead of Strings now.
* WebProcess/WebCoreSupport/WebChromeClient.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::hasStorageAccess):
(WebKit::WebPage::requestStorageAccess):
    These changes are due to the new enums WebCore::StorageAccessWasGranted and
    WebCore::StorageAccessPromptWasShown. They also receive WebCore::RegistrableDomain
    objects instead of Strings now.
* WebProcess/WebPage/WebPage.h:

LayoutTests:

The changed test cases have had calls to WebCore::Internals::setUserGrantsStorageAccess() removed
since it was dead code.

One of the new tests, deny-with-prompt-does-not-preserve-gesture.html, is marked [ Skip ] for now since
we lack the ability to click "Don't allow" in the prompt. I wanted to include the test anyway so that
we have it. I have done a manual test to make sure the code does the right thing for this case.

* http/tests/storageAccess/deny-with-prompt-does-not-preserve-gesture-expected.txt: Added.
* http/tests/storageAccess/deny-with-prompt-does-not-preserve-gesture.html: Copied from LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-non-sandboxed-iframe-pop-window.html.
* http/tests/storageAccess/deny-without-prompt-preserves-gesture-expected.txt: Added.
* http/tests/storageAccess/deny-without-prompt-preserves-gesture.html: Copied from LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-non-sandboxed-iframe-pop-window.html.
* http/tests/storageAccess/grant-with-prompt-preserves-gesture-expected.txt: Renamed from LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-non-sandboxed-iframe-pop-window-expected.txt.
* http/tests/storageAccess/grant-with-prompt-preserves-gesture.html: Renamed from LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-non-sandboxed-iframe-pop-window.html.
* http/tests/storageAccess/has-storage-access-true-if-feature-off-expected.txt: Added.
* http/tests/storageAccess/has-storage-access-true-if-feature-off.html: Added.
* http/tests/storageAccess/resources/request-storage-access-and-immediately-postmessage-iframe.html:
* http/tests/storageAccess/resources/request-storage-access-iframe-and-pop-window.html:
* http/tests/storageAccess/resources/request-storage-access-iframe.html:
* http/tests/storageAccess/resources/request-storage-access-without-user-gesture-iframe.html:
* http/tests/storageAccess/resources/self-navigating-frame-after-granted-access.html:
* platform/mac-wk2/TestExpectations:
    Added expectations for the new tests.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245025 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agoAdd a release assertion that Functions can only be constructed from non-null Completi...
achristensen@apple.com [Tue, 7 May 2019 19:54:00 +0000 (19:54 +0000)]
Add a release assertion that Functions can only be constructed from non-null CompletionHandlers
https://bugs.webkit.org/show_bug.cgi?id=197641

Reviewed by Chris Dumez.

This will help us find the cause of rdar://problem/48679972 by seeing the crash when the Function is dispatched,
not when it's called with no interesting stack trace.  I manually verified this assertion is hit in such a case.
We should also have no legitimate use of creating a Function out of a null CompletionHandler then never calling it.

* wtf/CompletionHandler.h:
(WTF::Detail::CallableWrapper<CompletionHandler<Out):
* wtf/Function.h:
(WTF::Detail::CallableWrapperBase::~CallableWrapperBase):
(WTF::Detail::CallableWrapper::CallableWrapper):
(WTF::Function<Out):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245024 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agoChange IsITPFirstPartyWebsiteDataRemovalEnabled from DEFAULT_EXPERIMENTAL_FEATURES_EN...
wilander@apple.com [Tue, 7 May 2019 19:10:37 +0000 (19:10 +0000)]
Change IsITPFirstPartyWebsiteDataRemovalEnabled from DEFAULT_EXPERIMENTAL_FEATURES_ENABLED to true.
https://bugs.webkit.org/show_bug.cgi?id=197667
<rdar://problem/50549288>

Reviewed by Brent Fulgham.

* Shared/WebPreferences.yaml:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245023 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agoiOSMac Share Sheet shows up at the wrong place
timothy_horton@apple.com [Tue, 7 May 2019 19:04:00 +0000 (19:04 +0000)]
iOSMac Share Sheet shows up at the wrong place
https://bugs.webkit.org/show_bug.cgi?id=197649
<rdar://problem/49922942>

Reviewed by Megan Gardner.

* UIProcess/ios/WKContentViewInteraction.h:
* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView _showShareSheet:inRect:completionHandler:]):
(-[WKContentView _hoverGestureRecognizerChanged:]):
Pass the last mouse-over location as the presentation location for the
share sheet, if we don't have a rect to present from. Centering the popover
like we do on iPad doesn't work so well (at all) with a macOS context menu.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245022 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agoRename ConnectionMac.mm to ConnectionCocoa.mm since it is used on both macOS and iOS
cdumez@apple.com [Tue, 7 May 2019 18:52:22 +0000 (18:52 +0000)]
Rename ConnectionMac.mm to ConnectionCocoa.mm since it is used on both macOS and iOS
https://bugs.webkit.org/show_bug.cgi?id=197661

Reviewed by Alexey Proskuryakov.

* Platform/IPC/cocoa/ConnectionCocoa.mm: Renamed from Source/WebKit/Platform/IPC/mac/ConnectionMac.mm.
(IPC::ConnectionTerminationWatchdog::createConnectionTerminationWatchdog):
(IPC::ConnectionTerminationWatchdog::ConnectionTerminationWatchdog):
(IPC::ConnectionTerminationWatchdog::watchdogTimerFired):
(IPC::Connection::platformInvalidate):
(IPC::Connection::cancelReceiveSource):
(IPC::Connection::terminateSoon):
(IPC::Connection::platformInitialize):
(IPC::Connection::open):
(IPC::Connection::sendMessage):
(IPC::Connection::platformCanSendOutgoingMessages const):
(IPC::Connection::sendOutgoingMessage):
(IPC::Connection::initializeSendSource):
(IPC::Connection::resumeSendSource):
(IPC::createMessageDecoder):
(IPC::readFromMachPort):
(IPC::Connection::receiveSourceEventHandler):
(IPC::Connection::identifier const):
(IPC::Connection::getAuditToken):
(IPC::Connection::kill):
(IPC::AccessibilityProcessSuspendedNotification):
(IPC::Connection::willSendSyncMessage):
(IPC::Connection::didReceiveSyncReply):
(IPC::Connection::remoteProcessID const):
* Platform/IPC/cocoa/ImportanceAssertion.h: Renamed from Source/WebKit/Platform/IPC/mac/ImportanceAssertion.h.
(IPC::ImportanceAssertion::ImportanceAssertion):
(IPC::ImportanceAssertion::~ImportanceAssertion):
* Platform/IPC/cocoa/MachMessage.cpp: Renamed from Source/WebKit/Platform/IPC/mac/MachMessage.cpp.
(IPC::MachMessage::create):
(IPC::MachMessage::MachMessage):
(IPC::MachMessage::~MachMessage):
(IPC::MachMessage::messageSize):
(IPC::MachMessage::leakDescriptors):
* Platform/IPC/cocoa/MachMessage.h: Renamed from Source/WebKit/Platform/IPC/mac/MachMessage.h.
(IPC::MachMessage::size const):
(IPC::MachMessage::header):
(IPC::MachMessage::messageReceiverName const):
(IPC::MachMessage::messageName const):
* Platform/IPC/cocoa/MachPort.h: Renamed from Source/WebKit/Platform/IPC/mac/MachPort.h.
(IPC::MachPort::MachPort):
(IPC::MachPort::encode const):
(IPC::MachPort::decode):
(IPC::MachPort::port const):
(IPC::MachPort::disposition const):
* PlatformMac.cmake:
* SourcesCocoa.txt:
* WebKit.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245021 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago[Pointer Events] isPrimary property of pointercancel events should match previous...
commit-queue@webkit.org [Tue, 7 May 2019 18:43:27 +0000 (18:43 +0000)]
[Pointer Events] isPrimary property of pointercancel events should match previous events for that pointer
https://bugs.webkit.org/show_bug.cgi?id=197665

Patch by Antoine Quint <graouts@apple.com> on 2019-05-07
Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Record WPT progressions.

* web-platform-tests/pointerevents/pointerevent_pointercancel_touch-expected.txt:

Source/WebCore:

The test at web-platform-tests/pointerevents/pointerevent_pointercancel_touch.html would fail early because one of the first assertions
would check that isPrimary for a pointercancel event would match the isPrimary property of the previous pointer event dispatched for that
pointer id. This prevented many further assertions from passing and also was the cause of flakiness for the next test since this test was
ended early and the state of touches created using UIScriptController were not in a clean state.

We now track the isPrimary state for a given pointer using the CapturingData and use that value when dispatching a pointercancel event.

* dom/PointerEvent.cpp:
(WebCore::PointerEvent::create):
(WebCore::PointerEvent::PointerEvent):
* dom/PointerEvent.h:
* page/PointerCaptureController.cpp:
(WebCore::PointerCaptureController::pointerEventWasDispatched):
(WebCore::PointerCaptureController::cancelPointer):
* page/PointerCaptureController.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245020 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agoUnreviewed, rolling out r244900.
ryanhaddad@apple.com [Tue, 7 May 2019 18:42:16 +0000 (18:42 +0000)]
Unreviewed, rolling out r244900.

Caused media/track/track-cue-missing.html to fail on debug
queues

Reverted changeset:

"Add logging for RenderLayer clip rects"
https://bugs.webkit.org/show_bug.cgi?id=197547
https://trac.webkit.org/changeset/244900

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245019 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months agotryCachePutByID should not crash if target offset changes
tzagallo@apple.com [Tue, 7 May 2019 18:39:27 +0000 (18:39 +0000)]
tryCachePutByID should not crash if target offset changes
https://bugs.webkit.org/show_bug.cgi?id=197311
<rdar://problem/48033612>

Reviewed by Filip Pizlo.

JSTests:

Add a series of tests related to tryCachePutByID. Two of these tests used to crash and were fixed
by this patch: `cache-put-by-id-different-attributes.js` and `cache-put-by-id-different-offset.js`

* stress/cache-put-by-id-delete-prototype.js: Added.
(A.prototype.set y):
(A):
(B.prototype.set y):
(B):
(C):
* stress/cache-put-by-id-different-__proto__.js: Added.
(A.prototype.set y):
(A):
(B1):
(B2.prototype.set y):
(B2):
(C):
(D):
* stress/cache-put-by-id-different-attributes.js: Added.
(Foo):
(set x):
* stress/cache-put-by-id-different-offset.js: Added.
(Foo):
(set x):
* stress/cache-put-by-id-insert-prototype.js: Added.
(A.prototype.set y):
(A):
(C):
* stress/cache-put-by-id-poly-proto.js: Added.
(Foo):
(set _):
(createBar.Bar):
(createBar):

Source/JavaScriptCore:

When tryCachePutByID is called with a cacheable setter, if the target object where the setter was
found is still in the prototype chain and there are no poly protos in the chain, we use
generateConditionsForPrototypePropertyHit to validate that the target object remains the same.
It checks for the absence of the property in every object in the prototype chain from the base
down to the target object and checks that the property is still present in the target object. It
also bails if there are any uncacheable objects, proxies or dictionary objects in the prototype
chain. However, it does not consider two edge cases:
- It asserts that the property should still be at the same offset in the target object, but this
assertion does not hold if the setter deletes properties of the object and causes the structure
to be flattened after the deletion. Instead of asserting, we just use the updated offset.
- It does not check whether the new slot is also a setter, which leads to a crash in case it's not.

* jit/Repatch.cpp:
(JSC::tryCachePutByID):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245018 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Don't OSR enter into an FTL CodeBlock that has been jettisoned
sbarati@apple.com [Tue, 7 May 2019 17:41:42 +0000 (17:41 +0000)]
Don't OSR enter into an FTL CodeBlock that has been jettisoned
https://bugs.webkit.org/show_bug.cgi?id=197531
<rdar://problem/50162379>

Reviewed by Yusuke Suzuki.

JSTests:

* stress/dont-osr-enter-into-jettisoned-ftl-code-block.js: Added.

Source/JavaScriptCore:

Sometimes we make silly mistakes. This is one of those times. It's invalid to OSR
enter into an FTL OSR entry code block that has been jettisoned already.

* dfg/DFGJITCode.cpp:
(JSC::DFG::JITCode::clearOSREntryBlockAndResetThresholds):
* dfg/DFGJITCode.h:
(JSC::DFG::JITCode::clearOSREntryBlock): Deleted.
* dfg/DFGOSREntry.cpp:
(JSC::DFG::prepareOSREntry):
(JSC::DFG::prepareCatchOSREntry):
* dfg/DFGOperations.cpp:
* ftl/FTLOSREntry.cpp:
(JSC::FTL::prepareOSREntry):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245017 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago <body> with overflow:hidden shouldn't be keyboard scrollable on iOS
antti@apple.com [Tue, 7 May 2019 17:37:16 +0000 (17:37 +0000)]
<body> with overflow:hidden shouldn't be keyboard scrollable on iOS
https://bugs.webkit.org/show_bug.cgi?id=197659
Source/WebKit:

<rdar://problem/50541453>

Reviewed by Antoine Quint.

* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView isScrollableForKeyboardScrollViewAnimator:]):

Disable also keyboard scrolling when touch scrolling is disabled.

LayoutTests:

Reviewed by Antoine Quint.

* fast/scrolling/ios/body-overflow-hidden-keyboard-expected.html: Added.
* fast/scrolling/ios/body-overflow-hidden-keyboard.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245016 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Versioning.
kocsen_chung@apple.com [Tue, 7 May 2019 17:26:53 +0000 (17:26 +0000)]
Versioning.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245015 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago media/W3C/video/events/event_progress.html is flaky.
ryanhaddad@apple.com [Tue, 7 May 2019 16:37:16 +0000 (16:37 +0000)]
media/W3C/video/events/event_progress.html is flaky.
https://bugs.webkit.org/show_bug.cgi?id=175678

Unreviewed test gardening.

* platform/ios/TestExpectations: Mark test as flaky.
* platform/mac/TestExpectations: Ditto.
* platform/wk2/TestExpectations: Remove old WK2-only expectation.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245013 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago fast/dom/frame-src-javascript-url-async.html is flaky
cdumez@apple.com [Tue, 7 May 2019 16:28:00 +0000 (16:28 +0000)]
fast/dom/frame-src-javascript-url-async.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=197664

Unreviewed, tweak test so that it is no longer flaky.

* fast/dom/frame-src-javascript-url-async-expected.txt:
* fast/dom/frame-src-javascript-url-async.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245012 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [Flatpak] webkit-build fails due to missing GTK2 in build environment
aperez@igalia.com [Tue, 7 May 2019 16:15:11 +0000 (16:15 +0000)]
[Flatpak] webkit-build fails due to missing GTK2 in build environment
https://bugs.webkit.org/show_bug.cgi?id=197352

Reviewed by Philippe Normand.

The Flatpak runtimes do not include GTK 2.x anymore, which means that we need
to build it ourselves on top in order to be able to build the GTK 2.x plugin
process.

* flatpak/org.webkit.GTK.yaml: Add gtk2 package.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245011 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [macOS / iOS Debug] Layout Test imported/w3c/web-platform-tests/webrtc/RTCPeerConnect...
ryanhaddad@apple.com [Tue, 7 May 2019 16:03:09 +0000 (16:03 +0000)]
[macOS / iOS Debug] Layout Test imported/w3c/web-platform-tests/webrtc/RTCPeerConnection-getStats.https.html a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=197662

Unreviewed test gardening.

* platform/ios-wk2/TestExpectations: Mark test as flaky.
* platform/mac-wk2/TestExpectations: Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245010 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [macOS] Avoid crashing the UI process when writing empty data to the pasteboard
wenson_hsieh@apple.com [Tue, 7 May 2019 14:39:10 +0000 (14:39 +0000)]
[macOS] Avoid crashing the UI process when writing empty data to the pasteboard
https://bugs.webkit.org/show_bug.cgi?id=197644
<rdar://problem/50526364>

Reviewed by Tim Horton.

Source/WebKit:

Test: WebKit.WKWebProcessPlugInDoNotCrashWhenCopyingEmptyClientData

* WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:
(WebKit::WebPlatformStrategies::setBufferForType):

Make this function robust by not attempting to create a shared memory buffer in the case where the given data
buffer is empty.

Tools:

Add a new API test to exercise a possible scenario where we may crash while writing data to the pasteboard.

* TestWebKitAPI/Tests/WebKitCocoa/BundleEditingDelegate.mm:
* TestWebKitAPI/Tests/WebKitCocoa/BundleEditingDelegatePlugIn.mm:
(-[BundleEditingDelegatePlugIn webProcessPlugIn:didCreateBrowserContextController:]):
(-[BundleEditingDelegatePlugIn _webProcessPlugInBrowserContextController:pasteboardDataForRange:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245009 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [GTK] Crash in webkitWebViewBaseSetEnableBackForwardNavigationGesture
carlosgc@webkit.org [Tue, 7 May 2019 14:33:47 +0000 (14:33 +0000)]
[GTK] Crash in webkitWebViewBaseSetEnableBackForwardNavigationGesture
https://bugs.webkit.org/show_bug.cgi?id=197653

Reviewed by Žan Doberšek.

We still need to null-check the ViewGestureController there, since it can be called with a running process but
not yet attached when using a related view.

* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseSetEnableBackForwardNavigationGesture):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245008 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [GTK][WPE] MiniBrowser: load about:blank for new web views in automation mode
carlosgc@webkit.org [Tue, 7 May 2019 12:33:56 +0000 (12:33 +0000)]
[GTK][WPE] MiniBrowser: load about:blank for new web views in automation mode
https://bugs.webkit.org/show_bug.cgi?id=197651

Reviewed by Žan Doberšek.

This is required since the process creation was delayed until something is loaded in the view.

* MiniBrowser/gtk/BrowserWindow.c:
(browser_window_get_or_create_web_view_for_automation):
* MiniBrowser/wpe/main.cpp:
(main):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245007 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago <body> with overflow:hidden CSS is scrollable on iOS
antti@apple.com [Tue, 7 May 2019 12:02:25 +0000 (12:02 +0000)]
<body> with overflow:hidden CSS is scrollable on iOS
https://bugs.webkit.org/show_bug.cgi?id=153852
<rdar://problem/38715356>

Reviewed by Antoine Quint.

Source/WebCore:

Tests: fast/scrolling/ios/body-overflow-hidden-frame.html
       fast/scrolling/ios/body-overflow-hidden.html

* page/scrolling/ScrollingTreeScrollingNode.h:

Source/WebKit:

Disable touch scrolling of the main scroll view when <body> has overflow:hidden.

This already works for subframes where we don't create a scrollview in the first place.
The patch also adds a test for that.

* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _didCommitLayerTree:]):

Update scrollability after scrolling tree commits.

* UIProcess/RemoteLayerTree/RemoteScrollingCoordinatorProxy.cpp:
(WebKit::RemoteScrollingCoordinatorProxy::hasScrollableMainFrame const):

Base the decision on root ScrollingTreeScrollingNode::canHaveScrollbars() which is computed from overflow.
This matches Mac where wheel event dispatch is similarly blocked based on this property.

* UIProcess/RemoteLayerTree/RemoteScrollingCoordinatorProxy.h:

LayoutTests:

* fast/scrolling/ios/body-overflow-hidden-expected.html: Added.
* fast/scrolling/ios/body-overflow-hidden-frame-expected.html: Added.
* fast/scrolling/ios/body-overflow-hidden-frame.html: Added.
* fast/scrolling/ios/body-overflow-hidden.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245006 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Mouse event simulation should be limited to the graphing calculator on Desmos.com
graouts@webkit.org [Tue, 7 May 2019 09:50:15 +0000 (09:50 +0000)]
Mouse event simulation should be limited to the graphing calculator on Desmos.com
https://bugs.webkit.org/show_bug.cgi?id=197652
<rdar://problem/47068176>

Reviewed by Antti Koivisto.

* page/Quirks.cpp:
(WebCore::Quirks::shouldDispatchSimulatedMouseEvents const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245005 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Import WPT referrer-policy tests
youenn@apple.com [Tue, 7 May 2019 09:44:54 +0000 (09:44 +0000)]
Import WPT referrer-policy tests
https://bugs.webkit.org/show_bug.cgi?id=197321

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

* resources/import-expectations.json:
* web-platform-tests/common/: Refreshed.
* web-platform-tests/custom-elements/custom-element-registry/per-global-expected.txt:
* web-platform-tests/html/browsers/the-window-object/named-access-on-the-window-object/navigated-named-objects.window-expected.txt:
* web-platform-tests/referrer-policy/: Added.

LayoutTests:

fix-197321

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245004 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Update test262 expectations for Proxy passes
dino@apple.com [Tue, 7 May 2019 05:05:42 +0000 (05:05 +0000)]
Update test262 expectations for Proxy passes
https://bugs.webkit.org/show_bug.cgi?id=197628

Reviewed by Yusuke Suzuki.

There are two consistent passes in Proxy.ownKeys.

* test262/expectations.yaml:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245001 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Improve coordination for creating UIWindow instances.
commit-queue@webkit.org [Tue, 7 May 2019 03:51:58 +0000 (03:51 +0000)]
Improve coordination for creating UIWindow instances.
https://bugs.webkit.org/show_bug.cgi?id=197578.
<rdar://problem/50456965>.

Patch by James Savage <james.savage@apple.com> on 2019-05-06
Reviewed by Wenson Hsieh.

Source/WebCore:

* platform/ios/VideoFullscreenInterfaceAVKit.mm:
(makeWindowFromView): Pull out window creation.
(VideoFullscreenInterfaceAVKit::doSetup): Call new helper function.

Source/WebKit:

* UIProcess/ios/fullscreen/WKFullScreenWindowControllerIOS.mm:
(makeWindowFromView): Pull out window creation.
(-[WKFullScreenWindowController enterFullScreen]): Call new helper function.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245000 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago JSWrapperMap should check if existing prototype properties are wrappers when copying...
keith_miller@apple.com [Tue, 7 May 2019 01:23:39 +0000 (01:23 +0000)]
JSWrapperMap should check if existing prototype properties are wrappers when copying exported methods.
https://bugs.webkit.org/show_bug.cgi?id=197324
<rdar://problem/50253144>

Reviewed by Saam Barati.

The current implementation prevents using JSExport to shadow a
method from a super class. This was because we would only add a
method if the prototype didn't already claim to have the
property. Normally this would only happen if an Objective-C super
class already exported an ObjCCallbackFunction for the method,
however, if the user exports a property that is already on
Object.prototype the overridden method won't be exported.

This patch fixes the object prototype issue by checking if the
property on the prototype chain is an ObjCCallbackFunction, if
it's not then it adds an override.

* API/JSWrapperMap.mm:
(copyMethodsToObject):
* API/tests/testapi.mm:
(-[ToStringClass toString]):
(-[ToStringClass other]):
(-[ToStringSubclass toString]):
(-[ToStringSubclassNoProtocol toString]):
(testToString):
(testObjectiveCAPI):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244999 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago _overrideViewportWithArguments does not work when called before loading
timothy_horton@apple.com [Tue, 7 May 2019 01:03:01 +0000 (01:03 +0000)]
_overrideViewportWithArguments does not work when called before loading
https://bugs.webkit.org/show_bug.cgi?id=197638
<rdar://problem/50505111>

Reviewed by Wenson Hsieh.

Source/WebCore:

* dom/Document.cpp:
(WebCore::Document::viewportArguments const):
(WebCore::Document::updateViewportArguments):
(WebCore::Document::setOverrideViewportArguments): Deleted.
* dom/Document.h:
(WebCore::Document::viewportArguments const): Deleted.
* page/Page.cpp:
(WebCore::Page::setOverrideViewportArguments):
* page/Page.h:
(WebCore::Page::overrideViewportArguments const):
* page/ViewportConfiguration.cpp:
(WebCore::ViewportConfiguration::setViewportArguments):
Move overrideViewportArguments to Page, since it is view-global in the API.

Source/WebKit:

* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::WebPage::setOverrideViewportArguments):

Tools:

* TestWebKitAPI/Tests/WebKitCocoa/OverrideViewportArguments.mm:
(TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244998 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago ASSERT at WebKit::NetworkCache::makeSafeToUseMemoryMapForPath under Storage::StoreBod...
cdumez@apple.com [Tue, 7 May 2019 00:42:44 +0000 (00:42 +0000)]
ASSERT at WebKit::NetworkCache::makeSafeToUseMemoryMapForPath under Storage::StoreBodyAsBlob when running WebDriver tests
https://bugs.webkit.org/show_bug.cgi?id=197635
<rdar://problem/50473149>

Reviewed by Geoffrey Garen.

We need to make sure the path at blobPathString exists before calling FileSystem::makeSafeToUseMemoryMapForPath().
If the blob does not already exist when BlobStorage::add() is called, what will create it is the call to Data::mapToFile().

* NetworkProcess/cache/NetworkCacheBlobStorage.cpp:
(WebKit::NetworkCache::BlobStorage::add):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244997 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [JSC] We should check OOM for description string of Symbol
ysuzuki@apple.com [Tue, 7 May 2019 00:29:09 +0000 (00:29 +0000)]
[JSC] We should check OOM for description string of Symbol
https://bugs.webkit.org/show_bug.cgi?id=197634

Reviewed by Keith Miller.

JSTests:

* stress/check-symbol-description-oom.js: Added.
(shouldThrow):

Source/JavaScriptCore:

When resolving JSString for description of Symbol, we should check OOM error.
We also change JSValueMakeSymbol(..., nullptr) to return a symbol value
without description, (1) to simplify the code and (2) give a way for JSC API
to create a symbol value without description.

* API/JSValueRef.cpp:
(JSValueMakeSymbol):
* API/tests/testapi.cpp:
(TestAPI::symbolsTypeof):
(TestAPI::symbolsDescription):
(testCAPIViaCpp):
* dfg/DFGOperations.cpp:
* runtime/Symbol.cpp:
(JSC::Symbol::createWithDescription):
* runtime/Symbol.h:
* runtime/SymbolConstructor.cpp:
(JSC::callSymbol):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244996 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Add assertions to JSLazyEventListener to help catch the cause of a crash
cdumez@apple.com [Tue, 7 May 2019 00:21:25 +0000 (00:21 +0000)]
Add assertions to JSLazyEventListener to help catch the cause of a crash
https://bugs.webkit.org/show_bug.cgi?id=197617

Reviewed by Alexey Proskuryakov.

Add assertions to JSLazyEventListener to help catch the cause of <rdar://problem/24314027>.

* bindings/js/JSLazyEventListener.cpp:
(WebCore::JSLazyEventListener::checkValidityForEventTarget):
* bindings/js/JSLazyEventListener.h:
* dom/EventListener.h:
(WebCore::EventListener::checkValidityForEventTarget):
* dom/EventTarget.cpp:
(WebCore::EventTarget::addEventListener):
(WebCore::EventTarget::setAttributeEventListener):
(WebCore::EventTarget::innerInvokeEventListeners):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244995 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [JSC] Respect already defined USE_LLINT_EMBEDDED_OPCODE_ID compiler variable.
chris.reid@sony.com [Tue, 7 May 2019 00:20:01 +0000 (00:20 +0000)]
[JSC] Respect already defined USE_LLINT_EMBEDDED_OPCODE_ID compiler variable.
https://bugs.webkit.org/show_bug.cgi?id=197633

Reviewed by Don Olmstead.

When the variable `USE_LLINT_EMBEDDED_OPCODE_ID` is defined, stop defining
its value with platform default one.

* wtf/Platform.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244994 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Occasional crashes in layout tests when firing the shrink-to-fit-content timer
wenson_hsieh@apple.com [Tue, 7 May 2019 00:08:10 +0000 (00:08 +0000)]
Occasional crashes in layout tests when firing the shrink-to-fit-content timer
https://bugs.webkit.org/show_bug.cgi?id=197629
<rdar://problem/50514382>

Reviewed by Tim Horton.

Fixes several crashing layout tests by stopping the shrink-to-fit-content timer when the page closes.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::close):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244993 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [Web GPU] Add demos to webkit.org
justin_fan@apple.com [Tue, 7 May 2019 00:04:38 +0000 (00:04 +0000)]
[Web GPU] Add demos to webkit.org
https://bugs.webkit.org/show_bug.cgi?id=196951

Reviewed by Dean Jackson.

Add simple triangle and spinning textured cube demos to the website.
Add Web GPU to experimental-features.html.

* demos/webgpu/css/style.css: Added.
(body):
(canvas):
(body.error canvas):
(h1):
(#container):
(select):
(div#log):
(body.error):
(body.error #contents):
(#error):
(@media (max-width: 480px)):
(body.error #error):
(#error h2):
(#error p):
* demos/webgpu/hello-cube.html: Added.
* demos/webgpu/hello-triangle.html: Added.
* demos/webgpu/index.html: Added.
* demos/webgpu/resources/circle.svg: Added.
* demos/webgpu/resources/hello-cube.png: Added.
* demos/webgpu/resources/hello-triangle.png: Added.
* demos/webgpu/resources/safari-alpha.png: Added.
* demos/webgpu/scripts/gl-matrix-min.js: Added.
(return.n):
(return.n.d):
(return.):
(return.get n.n):
(return.n.o):
* demos/webgpu/scripts/hello-triangle.js: Added.
(async.helloTriangle):
* experimental-features.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244992 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Versioning.
alancoon@apple.com [Mon, 6 May 2019 23:49:56 +0000 (23:49 +0000)]
Versioning.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244991 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago -[WKWebsiteDataStore removeDataOfTypes:forDataRecords:completionHandler:] doesn't...
pvollan@apple.com [Mon, 6 May 2019 23:29:46 +0000 (23:29 +0000)]
-[WKWebsiteDataStore removeDataOfTypes:forDataRecords:completionHandler:] doesn't delete _WKWebsiteDataTypeCredentials
https://bugs.webkit.org/show_bug.cgi?id=197510
Source/WebCore:

<rdar://problem/50372338>

Reviewed by Alex Christensen.

This patch implements deletion of non persistent credentials for a set of origins. In order for this to work, fetching
credentials from the credential storage needs to return a set of SecurityOriginData objects, instead of a set of origin
strings. This is implemented by iterating over all the elements in the credential map, and creating a SecurityOriginData
object for each credential based on the protection space.

API test: WKWebsiteDataStore.RemoveNonPersistentCredentials

* platform/network/CredentialStorage.cpp:
(WebCore::CredentialStorage::removeCredentialsWithOrigin):
(WebCore::CredentialStorage::originsWithCredentials const):
* platform/network/CredentialStorage.h:
(WebCore::CredentialStorage::originsWithCredentials const): Deleted.

Source/WebKit:

Reviewed by Alex Christensen.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::fetchWebsiteData):
(WebKit::NetworkProcess::deleteWebsiteDataForOrigins):
(WebKit::NetworkProcess::registrableDomainsWithWebsiteData):

Tools:

Reviewed by Alex Christensen.

* TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244988 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Temporarily disable generate-xcfilelists
krollin@apple.com [Mon, 6 May 2019 23:13:47 +0000 (23:13 +0000)]
Temporarily disable generate-xcfilelists
https://bugs.webkit.org/show_bug.cgi?id=197619
<rdar://problem/50507392>

Reviewed by Alex Christensen.

We need to perform a significant update to the generate-xcfilelist
scripts. This work involves coordinated work with another facility. If
the work does not occur in tandem, the build will be broken. To avoid
this, disable the invoking of the scripts during the transition. The
checking will be restored once the new scripts are in place.

Source/JavaScriptCore:

* Scripts/check-xcfilelists.sh:

Source/WebCore:

No new tests -- no change in user-visible functionality.

* Scripts/check-xcfilelists.sh:

Source/WebKit:

* Scripts/check-xcfilelists.sh:

Tools:

* DumpRenderTree/Scripts/check-xcfilelists.sh:
* WebKitTestRunner/Scripts/check-xcfilelists.sh:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244987 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago [PlayStation] Fix build break since r244919
Basuke.Suzuki@sony.com [Mon, 6 May 2019 23:10:36 +0000 (23:10 +0000)]
[PlayStation] Fix build break since r244919
https://bugs.webkit.org/show_bug.cgi?id=197627

Reviewed by Ross Kirsling.

Bugfix for POSIX socket implementation and suppress warnings.

* inspector/remote/socket/RemoteInspectorConnectionClient.h:
(Inspector::RemoteInspectorConnectionClient::didAccept):
* inspector/remote/socket/posix/RemoteInspectorSocketPOSIX.cpp:
(Inspector::Socket::getPort):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244986 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Unreviewed build fix after r244984.
cdumez@apple.com [Mon, 6 May 2019 23:07:33 +0000 (23:07 +0000)]
Unreviewed build fix after r244984.

* WebProcess/cocoa/WebProcessCocoa.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244985 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Prewarmed WebContent processes never app nap
cdumez@apple.com [Mon, 6 May 2019 22:47:26 +0000 (22:47 +0000)]
Prewarmed WebContent processes never app nap
https://bugs.webkit.org/show_bug.cgi?id=197630

Reviewed by Geoffrey Garen.

Do not require actually having a WebPage in the WebContent process to App Nap.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updateThrottleState):
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244984 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Hitpoint for link which spans two lines in web content is incorrect
commit-queue@webkit.org [Mon, 6 May 2019 22:33:52 +0000 (22:33 +0000)]
Hitpoint for link which spans two lines in web content is incorrect
https://bugs.webkit.org/show_bug.cgi?id=197511
<rdar://problem/49971483>

Patch by Andres Gonzalez <andresg_22@apple.com> on 2019-05-06
Reviewed by Chris Fleizach.

Source/WebCore:

- Special case for links to return first char location as clickPoint instead of middle point of bounding rect.
- Modified iOS ActivationPoint to use clickPoint. This way all code paths go through the same function.
- Made boundsForRects to return content coordinates in all platforms. Adjusted all callers, directly or indirectly, appropriately.

Tests: accessibility/ios-simulator/links-activation.html
       accessibility/links-activation.html

* accessibility/AccessibilityRenderObject.cpp:
(WebCore::AccessibilityRenderObject::clickPoint):
(WebCore::AccessibilityRenderObject::boundsForRects):
(WebCore::AccessibilityRenderObject::boundsForRects const): Deleted.
* accessibility/AccessibilityRenderObject.h:
* accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
(-[WebAccessibilityObjectWrapper accessibilityActivationPoint]):
* accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):

LayoutTests:

- Added LayoutTest.

* accessibility/ios-simulator/links-activation-expected.txt: Added.
* accessibility/ios-simulator/links-activation.html: Added.
* accessibility/links-activation-expected.txt: Added.
* accessibility/links-activation.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244983 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Fix the build after r244975
dbates@webkit.org [Mon, 6 May 2019 22:28:19 +0000 (22:28 +0000)]
Fix the build after r244975
(https://bugs.webkit.org/show_bug.cgi?id=197474)

Actually make use of the Keyboard Event when building with USE(UIKIT_KEYBOARD_ADDITIONS)
and substitute -> for . since it's now passed by reference.

* WebProcess/WebCoreSupport/ios/WebEditorClientIOS.mm:
(WebKit::WebEditorClient::handleInputMethodKeydown):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244982 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Unreviewed, land one more test
ysuzuki@apple.com [Mon, 6 May 2019 22:26:28 +0000 (22:26 +0000)]
Unreviewed, land one more test
https://bugs.webkit.org/show_bug.cgi?id=197587

* stress/setter-frame-flush.js: Added.
(setter):
(foo):
(bar):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244981 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Adopt AVStreamDataParser.audiovisualMIMETypes
jer.noble@apple.com [Mon, 6 May 2019 22:22:26 +0000 (22:22 +0000)]
Adopt AVStreamDataParser.audiovisualMIMETypes
https://bugs.webkit.org/show_bug.cgi?id=197581
<rdar://problem/50458981>

Reviewed by Eric Carlson.

Source/WebCore:

Add a new singleton class, AVStreamDataParserMIMETypeCache, and rename AVFoundationMIMETypeCache to the more precise
AVAssetMIMETypeCache.  Update all the old AVFoundationMIMETypeCache with the new name.

* SourcesCocoa.txt:
* WebCore.xcodeproj/project.pbxproj:
* platform/graphics/avfoundation/objc/AVAssetMIMETypeCache.h: Renamed from Source/WebCore/platform/graphics/avfoundation/objc/AVFoundationMIMETypeCache.h.
(WebCore::AVAssetMIMETypeCache::setCacheMIMETypesCallback):
* platform/graphics/avfoundation/objc/AVAssetMIMETypeCache.mm: Renamed from Source/WebCore/platform/graphics/avfoundation/objc/AVFoundationMIMETypeCache.mm.
(WebCore::AVAssetMIMETypeCache::singleton):
(WebCore::AVAssetMIMETypeCache::setSupportedTypes):
(WebCore::AVAssetMIMETypeCache::types):
(WebCore::AVAssetMIMETypeCache::supportsContentType):
(WebCore::AVAssetMIMETypeCache::canDecodeType):
(WebCore::AVAssetMIMETypeCache::isAvailable const):
(WebCore::AVAssetMIMETypeCache::loadMIMETypes):
* platform/graphics/avfoundation/objc/AVStreamDataParserMIMETypeCache.h: Added.
* platform/graphics/avfoundation/objc/AVStreamDataParserMIMETypeCache.mm: Added.
(WebCore::AVStreamDataParserMIMETypeCache::singleton):
(WebCore::AVStreamDataParserMIMETypeCache::types):
(WebCore::AVStreamDataParserMIMETypeCache::supportsContentType):
(WebCore::AVStreamDataParserMIMETypeCache::canDecodeType):
(WebCore::AVStreamDataParserMIMETypeCache::isAvailable const):
(WebCore::AVStreamDataParserMIMETypeCache::loadMIMETypes):
* platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
(WebCore::ImageDecoderAVFObjC::create):
(WebCore::ImageDecoderAVFObjC::supportsMediaType):
(WebCore::ImageDecoderAVFObjC::supportsContentType):
(WebCore::ImageDecoderAVFObjC::canDecodeType):
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::registerMediaEngine):
(WebCore::MediaPlayerPrivateAVFoundationObjC::getSupportedTypes):
(WebCore::MediaPlayerPrivateAVFoundationObjC::supportsType):
(WebCore::MediaPlayerPrivateAVFoundationObjC::supportsKeySystem):
* platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::registerMediaEngine):
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::getSupportedTypes):
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::supportsType):

Source/WebKit:

* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):
(WebKit::WebProcess::platformTerminate):
(WebKit::WebProcess::setMediaMIMETypes):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244980 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Terminate service workers that use too much CPU / power
cdumez@apple.com [Mon, 6 May 2019 21:44:01 +0000 (21:44 +0000)]
Terminate service workers that use too much CPU / power
https://bugs.webkit.org/show_bug.cgi?id=197626
<rdar://problem/50374707>

Reviewed by Geoffrey Garen.

Terminate service worker processes that use over 50% CPU on average over the last 8 minutes,
similarly to what we do for background WebContent processes.

* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::didExceedCPULimit):
* WebProcess/WebProcess.cpp:
(WebKit::WebProcess::initializeProcess):
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::updateCPULimit):
(WebKit::WebProcess::updateCPUMonitorState):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244979 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago TemplateObject passed to template literal tags are not always identical for the same...
ysuzuki@apple.com [Mon, 6 May 2019 21:33:27 +0000 (21:33 +0000)]
TemplateObject passed to template literal tags are not always identical for the same source location.
https://bugs.webkit.org/show_bug.cgi?id=190756

Reviewed by Saam Barati.

JSTests:

* complex.yaml:
* complex/tagged-template-regeneration-after.js: Added.
(shouldBe):
* complex/tagged-template-regeneration.js: Added.
(call):
(test):
* modules/tagged-template-inside-module.js: Added.
(from.string_appeared_here.call):
* modules/tagged-template-inside-module/other-tagged-templates.js: Added.
(call):
(export.otherTaggedTemplates):
* stress/call-and-construct-should-return-same-tagged-templates.js: Added.
(shouldBe):
(call):
(poly):
* stress/tagged-templates-in-direct-eval-should-not-produce-same-site-object.js: Added.
(shouldBe):
(call):
* stress/tagged-templates-in-global-function-should-not-produce-same-site-object.js: Added.
(shouldBe):
(call):
* stress/tagged-templates-in-indirect-eval-should-not-produce-same-site-object.js: Added.
(shouldBe):
(call):
* stress/tagged-templates-in-multiple-functions.js: Added.
(shouldBe):
(call):
(a):
(b):
(c):

Source/JavaScriptCore:

Tagged template literal requires that the site object is allocated per source location. Previously, we create the site object
when linking CodeBlock and cache it in CodeBlock. But this is wrong because,

1. CodeBlock can be jettisoned and regenerated. So every time CodeBlock is regenerated, we get the different site object.
2. Call and Construct can have different CodeBlock. Even if the function is called in call-form or construct-form, we should return the same site object.

In this patch, we start caching these site objects in the top-level ScriptExecutable. This matches the spec's per source location since only one top-level
ScriptExecutable is created for the given script code. Each ScriptExecutable of JSFunction can be created multiple times because CodeBlock creates it.
But the top-level one is not created by CodeBlock. This top-level ScriptExecutable is well-aligned to the Script itself. The top-level ScriptExecutable now has a HashMap,
which maps source locations to cached site objects.

1. This patch threads the top-level ScriptExecutable to each FunctionExecutable creation. Each FunctionExecutable has a reference to the top-level ScriptExecutable.
2. We put TemplateObjectMap in ScriptExecutable, which manages cached template objects.
3. We move FunctionExecutable::m_cachedPolyProtoStructure to FunctionExecutable::RareData to keep FunctionExecutable 128 bytes.

* Scripts/tests/builtins/expected/JavaScriptCore-Builtin.Promise-Combined.js-result:
* Scripts/tests/builtins/expected/JavaScriptCore-Builtin.Promise-Separate.js-result:
* Scripts/tests/builtins/expected/JavaScriptCore-Builtin.prototype-Combined.js-result:
* Scripts/tests/builtins/expected/JavaScriptCore-Builtin.prototype-Separate.js-result:
* Scripts/tests/builtins/expected/JavaScriptCore-BuiltinConstructor-Combined.js-result:
* Scripts/tests/builtins/expected/JavaScriptCore-BuiltinConstructor-Separate.js-result:
* Scripts/tests/builtins/expected/JavaScriptCore-InternalClashingNames-Combined.js-result:
* Scripts/tests/builtins/expected/WebCore-AnotherGuardedInternalBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-ArbitraryConditionalGuard-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-GuardedBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-GuardedInternalBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-UnguardedBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-xmlCasingTest-Separate.js-result:
* Scripts/wkbuiltins/builtins_templates.py:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::setConstantRegisters):
* bytecode/CodeBlock.h:
* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::UnlinkedFunctionExecutable::link):
* bytecode/UnlinkedFunctionExecutable.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::addTemplateObjectConstant):
(JSC::BytecodeGenerator::emitGetTemplateObject):
* bytecompiler/BytecodeGenerator.h:
* runtime/CachedTypes.cpp:
(JSC::CachedTemplateObjectDescriptor::encode):
(JSC::CachedTemplateObjectDescriptor::decode const):
(JSC::CachedJSValue::encode):
(JSC::CachedJSValue::decode const):
* runtime/EvalExecutable.cpp:
(JSC::EvalExecutable::ensureTemplateObjectMap):
(JSC::EvalExecutable::visitChildren):
* runtime/EvalExecutable.h:
* runtime/FunctionExecutable.cpp:
(JSC::FunctionExecutable::finishCreation):
(JSC::FunctionExecutable::visitChildren):
(JSC::FunctionExecutable::fromGlobalCode):
(JSC::FunctionExecutable::ensureRareDataSlow):
(JSC::FunctionExecutable::ensureTemplateObjectMap):
* runtime/FunctionExecutable.h:
* runtime/JSModuleRecord.cpp:
(JSC::JSModuleRecord::instantiateDeclarations):
* runtime/JSTemplateObjectDescriptor.cpp:
(JSC::JSTemplateObjectDescriptor::JSTemplateObjectDescriptor):
(JSC::JSTemplateObjectDescriptor::create):
* runtime/JSTemplateObjectDescriptor.h:
* runtime/ModuleProgramExecutable.cpp:
(JSC::ModuleProgramExecutable::ensureTemplateObjectMap):
(JSC::ModuleProgramExecutable::visitChildren):
* runtime/ModuleProgramExecutable.h:
* runtime/ProgramExecutable.cpp:
(JSC::ProgramExecutable::ensureTemplateObjectMap):
(JSC::ProgramExecutable::visitChildren):
* runtime/ProgramExecutable.h:
* runtime/ScriptExecutable.cpp:
(JSC::ScriptExecutable::topLevelExecutable):
(JSC::ScriptExecutable::createTemplateObject):
(JSC::ScriptExecutable::ensureTemplateObjectMap):
* runtime/ScriptExecutable.h:
* tools/JSDollarVM.cpp:
(JSC::functionCreateBuiltin):
(JSC::functionDeleteAllCodeWhenIdle):
(JSC::JSDollarVM::finishCreation):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244978 268f45cc-cd09-0410-ab3c-d52691b4dbfc
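
The site-object identity rules that the tests added in r244978 are named for, as an added JavaScript example. It is not the commit's own test code; `site`, `Poly`, `a`, `b` and `checkSiteObjects` are names made up here.

```javascript
// Added illustration (constructed); not the WebKit tests named in the commit.
// Identity tag: returns the site (template) object the engine hands to a tag.
function site(strings) { return strings; }

// One source location, reachable in both call form and construct form.
// A constructor that returns an object yields that object from `new`.
function Poly() { return site`x${0}y`; }

// Two separate source locations whose template text is identical.
function a() { return site`same`; }
function b() { return site`same`; }

function checkSiteObjects() {
  const evalSource = 'site`in-eval`';
  const makeFn = () => new Function('tag', 'return tag`in-function`;');
  const fn = makeFn();
  return {
    // Same location evaluated twice: one cached site object.
    repeatedCall: a() === a(),
    // Call and construct may be compiled separately but share the location.
    callVsConstruct: Poly() === new Poly(),
    // Different locations never share, even with equal contents.
    distinctLocations: a() === b(),
    // Each direct eval parses fresh code, so each gets a new site object.
    directEvalTwice: eval(evalSource) === eval(evalSource),
    // Each Function() constructor call creates new code as well...
    separateFunctions: makeFn()(site) === makeFn()(site),
    // ...but one such function keeps its site object across calls.
    sameFunctionTwice: fn(site) === fn(site),
  };
}

console.log(checkSiteObjects());
```

Regeneration after a CodeBlock is jettisoned, the first failure the commit message lists, cannot be triggered from portable script, so it is not covered here.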

4 months ago WebAudio Node JS wrappers should not be collected if events can be fired
youenn@apple.com [Mon, 6 May 2019 21:14:12 +0000 (21:14 +0000)]
WebAudio Node JS wrappers should not be collected if events can be fired
https://bugs.webkit.org/show_bug.cgi?id=197533

Reviewed by Jer Noble.

Source/WebCore:

Before the patch, some web audio nodes could fire event listeners, but were not protected from GC.
Use CustomIsReachable to ensure these nodes can be collected if:
- their AudioContext is stopped (typically due to document being navigated away).
- their AudioContext is closed.
- nodes do not have event listeners.

Covered by WPT mediacapture-streams/MediaStreamTrack-MediaElement-disabled-audio-is-silence.https.html and
WPT webaudio/the-audio-api/the-mediaelementaudiosourcenode-interface/mediaElementAudioSourceToScriptProcessorTest.html
and web audio WebRTC tests.
Specific newly added test: webaudio/webaudio-gc.html

* Modules/webaudio/AudioContext.h:
(WebCore::AudioContext::isClosed const):
* Modules/webaudio/AudioNode.idl:
* Sources.txt:
* WebCore.xcodeproj/project.pbxproj:
* bindings/js/JSAudioNodeCustom.cpp: Added.
(WebCore::JSAudioNodeOwner::isReachableFromOpaqueRoots):

LayoutTests:

* webaudio/webaudio-gc-expected.txt: Added.
* webaudio/webaudio-gc.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244977 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago REGRESSION: Layout test imported/w3c/web-platform-tests/resource-timing/resource...
ryanhaddad@apple.com [Mon, 6 May 2019 20:44:27 +0000 (20:44 +0000)]
REGRESSION: Layout test imported/w3c/web-platform-tests/resource-timing/resource-timing-level1.sub.html is frequently failing on EWS
https://bugs.webkit.org/show_bug.cgi?id=197473

Unreviewed test gardening.

* platform/ios/TestExpectations: Mark test as flaky on iOS.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244976 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Google Docs & Yahoo! Japan: Can’t compose characters with Chinese or Japanese keyboard
dbates@webkit.org [Mon, 6 May 2019 20:41:02 +0000 (20:41 +0000)]
Google Docs & Yahoo! Japan: Can’t compose characters with Chinese or Japanese keyboard
https://bugs.webkit.org/show_bug.cgi?id=197474
<rdar://problem/47219324>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Fix up some #if defs to compile more Mac code when building on iOS.

* dom/KeyboardEvent.cpp:
(WebCore::KeyboardEvent::KeyboardEvent):
* platform/PlatformKeyboardEvent.h:
(WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):

Source/WebKit:

Adopt UIKit SPI (added in <rdar://problem/50181162>) to ask the Input Manager to handle
the key event. If the Input Manager handled it then we pass along this information to
WebCore, just as we do for Mac, so that it can alter its event handling logic. Otherwise,
we handle the event as we do now.

A large part of this patch is fixing up #if defs to compile more Mac code when building
on iOS.

* Platform/spi/ios/UIKitSPI.h: Expose more SPI.
* Shared/NativeWebKeyboardEvent.h:
* Shared/WebEvent.h:
* Shared/WebEventConversion.cpp:
(WebKit::WebKit2PlatformKeyboardEvent::WebKit2PlatformKeyboardEvent):
* Shared/WebKeyboardEvent.cpp:
(WebKit::WebKeyboardEvent::WebKeyboardEvent):
(WebKit::WebKeyboardEvent::encode const):
(WebKit::WebKeyboardEvent::decode):
* Shared/ios/NativeWebKeyboardEventIOS.mm:
(WebKit::NativeWebKeyboardEvent::NativeWebKeyboardEvent):
* Shared/ios/WebIOSEventFactory.h:
* Shared/ios/WebIOSEventFactory.mm:
(WebIOSEventFactory::createWebKeyboardEvent):
Compile more Mac code on iOS. Just like on Mac we maintain some bookkeeping on
whether an event was handled by the Input Manager.

* UIProcess/Automation/ios/WebAutomationSessionIOS.mm:
(WebKit::WebAutomationSession::sendSynthesizedEventsToPage): Pass NativeWebKeyboardEvent::HandledByInputMethod::No
to keep the behavior we have now.

* UIProcess/ios/WKContentViewInteraction.h:
* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView cleanupInteraction]):
(-[WKContentView shouldSuppressUpdateCandidateView]): Added. Used to tell UIKit whether to
suppress updating/showing the candidate view.
(-[WKContentView setMarkedText:selectedRange:]):
Bookkeeping to track whether we need to delay showing/updating the inline candidate view.
The concept in UIKit is deferment, but at the time of writing it's simply a request to delay
the update for 0.4 seconds. We opt into this delay only for the first key that begins
marked text (i.e. the transition from no marked text to marked text). We do this because we
may not have up-to-date editor state at the time UIKit is ready to show/update the inline
candidate view for us to answer -textFirstRect and -textLastRect, which UIKit calls as part
of computing the frame rect for the inline candidate view on screen. Once we receive up-to-date
editor state, in -selectionChanged, we tell UIKit to lay out the keyboard, which ultimately
causes it to re-compute the frame rect for the inline candidate view and show it.

(-[WKContentView handleKeyWebEvent:]): Pass NativeWebKeyboardEvent::HandledByInputMethod::No
to keep the behavior we have now.
(-[WKContentView handleKeyWebEvent:withCompletionHandler:]): Ask the keyboard to handle the
event using the Input Manager. If it was handled then there is no need to delay calling the
completion handler, call it, then tell the web process about the key event and that it was
already handled by the Input Manager.
(-[WKContentView _selectionChanged]): Tell the keyboard to update the candidate view, if needed.
* WebProcess/WebCoreSupport/ios/WebEditorClientIOS.mm:
(WebKit::WebEditorClient::handleInputMethodKeydown): Mark the event as default handled if
the UI process told us that the event was handled by the Input Manager just like we do on Mac.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244975 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago Tests under pointerevents/ios are flaky
graouts@webkit.org [Mon, 6 May 2019 20:39:28 +0000 (20:39 +0000)]
Tests under pointerevents/ios are flaky
https://bugs.webkit.org/show_bug.cgi?id=197624

Reviewed by Dean Jackson.

Tests under pointerevents/ios that generate touches using UIScriptController may not succeed if run in multiple iterations or in a specific
order due to not ensuring that all touches are released when the test completes. We now ensure that we do when running swipes, taps, and pinches.

* pointerevents/ios/pointer-events-dispatch-on-stylus.html: Use the new ui.tapStylus() method to generate a tap with the stylus which ensures all
touches are removed upon completion.
* pointerevents/ios/pointer-events-dispatch-on-touch.html: Use a tap to ensure all touches are removed upon completion.
* pointerevents/ios/pointer-events-implicit-capture-has-pointer-capture-in-pointer-down.html: Use a tap to ensure all touches are removed upon completion.
* pointerevents/ios/pointer-events-implicit-capture-release-exception.html: Use a tap to ensure all touches are removed upon completion.
* pointerevents/ios/pointer-events-implicit-capture-release.html: Use a tap to ensure all touches are removed upon completion.
* pointerevents/ios/pointer-events-prevent-default-allows-click-event.html: Ensure both the "click" event and the tap generation have succeeded before
marking the test as complete.
* pointerevents/ios/pointer-events-set-pointer-capture-exceptions.html: Use a tap to ensure all touches are removed upon completion.
* pointerevents/ios/touch-action-none-link-traversal.html: Ensure both the "load" event and the tap generation have succeeded before marking the test
as complete.
* pointerevents/ios/touch-action-pan-x-pan-y.html: Remove the requestAnimationFrame() call since ui.swipe() now resolves its promise once all touches
have completed.
* pointerevents/ios/touch-action-pan-x.html: Remove the requestAnimationFrame() call since ui.swipe() now resolves its promise once all touches
have completed.
* pointerevents/ios/touch-action-pan-y.html: Remove the requestAnimationFrame() call since ui.swipe() now resolves its promise once all touches
have completed.
* pointerevents/ios/touch-action-pinch-zoom-allows-zooming.html: Remove the requestAnimationFrame() call since ui.pinchOut() now resolves its promise
once all touches have completed.
* pointerevents/ios/touch-action-pointercancel-pan-x.html: We don't need to track "pointermove" events since dispatch of "pointercancel" is asynchronous
and the number of "pointermove" events prior to its dispatch can legitimately vary.
* pointerevents/ios/touch-action-pointercancel-pan-y.html: We don't need to track "pointermove" events since dispatch of "pointercancel" is asynchronous
and the number of "pointermove" events prior to its dispatch can legitimately vary.
* pointerevents/utils.js:
(const.ui.new.UIController.prototype.swipe): Wait until the swipe is complete before resolving the promise.
(const.ui.new.UIController.prototype.pinchOut): Use a custom sequence to ensure that the pinch releases touches upon completion.
(const.ui.new.UIController.prototype.tapStylus): Introduce this new method to perform a stylus tap which ensures all touches are complete before resolving
the promise.
(const.ui.new.UIController.prototype.beginTouches): Deleted.
(const.ui.new.UIController.prototype.beginStylus): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244974 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 months ago JS2 should print scores for different categories
sbarati@apple.com [Mon, 6 May 2019 20:36:40 +0000 (20:36 +0000)]
JS2 should print scores for different categories
https://bugs.webkit.org/show_bug.cgi?id=197605

Reviewed by Yusuke Suzuki.

* JetStream2/JetStreamDriver.js:
(displayCategoryScores):
(isInBrowser.document.onkeydown):
(Driver.prototype.async.start):
(Driver.prototype.async.reportScoreToRunBenchmarkRunner):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244973 268f45cc-cd09-0410-ab3c-d52691b4dbfc